### 2.9.3 Open-source transparency
### 2.9.3 Open-source transparency, easing peer review
For the sake of transparency the use of open-source software is
encouraged. Binary blobs should only be used when no good alternatives
exist, which could be the case with certain hardware drivers or driver
Similarly, it is recommended for the PELD itself to be open-source, and
well documented to help security analysis by third-parties.
Having third-parties analyze the PELD security is necessary to ensure
it is working as intended. It is thus recommended for the PELD itself
to be open-source. Moreover decisions with non-trivial implications
should be clearly and publicly documented: such information about what
a PELD implementation intents to achieve and how it does so should be
made available to reviewers.
Third-parties should also be enabled to reproduce a PELD
implementation by building it from the released source code and
publicly available information. The process should yield consistent
### 2.9.4 Easy feedback
......@@ -452,18 +461,6 @@ developers (email, web forum, bug tracker, shipped-within application,
...). Efforts should be made to offer the most anonymous (or at least
pseudonymous) possible way to send this feedback.
# 3 Implementation
T(A)ILS is an implementation of the PELD specification above. It is
