Paying Tomasz Wasilczyk for security improvements

• Previous message: Paying Tomasz Wasilczyk for security improvements
• Next message: Paying Tomasz Wasilczyk for security improvements
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Mar 04, 2013 at 10:54:28PM -0800, Mark Doliner wrote:
> On Sat, Mar 2, 2013 at 5:56 PM, Tomasz Wasilczyk
> <tomkiewicz.groups at gmail.com> wrote:
> > We (I mean, me and someone from Google) clarified some aspects of this
> > agreement. At first, Google won't direct the work - it's up to IMF to
> > decide, what is important in the context of improving security. Still,
> > they will be happy to discuss or advise on the work. I think it will
> > be kind, if I will address every issue they point out at first place.
> 
> I think the next step is for us to determine an appropriate list of
> tasks for you to work on.  The only one on my list is:
> - Evaluate current master-password branch, merge in changes from main,
> finish anything that needs finishing, merge into main.  (I'd prefer
> these changes not go into 2.x.y... but it's certainly open for
> discussion if people think that's a good idea.)
> 
> Anyone else have any security-related bug fixes or improvements they
> would like to see?

If I may do a suggestion: Lucas Fisher's ssl_client_auth branch has been 
awaiting review for a long time and is very much related to improving 
security. It might even have some overlap with the master-password branch 
(it adds a certificate and key store).

Thijs
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 938 bytes
Desc: not available
URL: <http://pidgin.im/pipermail/discussion/attachments/20130305/6f0f6d4c/attachment.pgp>

• Previous message: Paying Tomasz Wasilczyk for security improvements
• Next message: Paying Tomasz Wasilczyk for security improvements
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]