Commit 173f6d42 authored by T(A)ILS developers's avatar T(A)ILS developers
Browse files

Merge branch 'master' of ssh://livecd/~/wiki

parents 7716cef6 0164a2ed
...@@ -434,15 +434,24 @@ and the deep knowledge of this work should be shared between the team ...@@ -434,15 +434,24 @@ and the deep knowledge of this work should be shared between the team
members. Thus the development infrastructure should be thought and members. Thus the development infrastructure should be thought and
deployed in order to share this knowledge. deployed in order to share this knowledge.
### 2.9.3 Open-source transparency ### 2.9.3 Open-source transparency, easing peer review
For the sake of transparency the use of open-source software is For the sake of transparency the use of open-source software is
encouraged. Binary blobs should only be used when no good alternatives encouraged. Binary blobs should only be used when no good alternatives
exist, which could be the case with certain hardware drivers or driver exist, which could be the case with certain hardware drivers or driver
firmwares. firmwares.
Similarly, it is recommended for the PELD itself to be open-source, and Having third-parties analyze the PELD security is necessary to ensure
well documented to help security analysis by third-parties. it is working as intended. It is thus recommended for the PELD itself
to be open-source. Moreover decisions with non-trivial implications
should be clearly and publicly documented: such information about what
a PELD implementation intents to achieve and how it does so should be
made available to reviewers.
Third-parties should also be enabled to reproduce a PELD
implementation by building it from the released source code and
publicly available information. The process should yield consistent
results.
### 2.9.4 Easy feedback ### 2.9.4 Easy feedback
...@@ -452,18 +461,6 @@ developers (email, web forum, bug tracker, shipped-within application, ...@@ -452,18 +461,6 @@ developers (email, web forum, bug tracker, shipped-within application,
...). Efforts should be made to offer the most anonymous (or at least ...). Efforts should be made to offer the most anonymous (or at least
pseudonymous) possible way to send this feedback. pseudonymous) possible way to send this feedback.
### 2.9.5 Easing peer reviews
Having others than the PELD developers watching the configuration
choices made to implement the PELD is a necessity to harden the security
and privacy of its users. Thus every difficult choices should be well
documented on a publicly available website and/or directly on the live
system, mentionning what feature this choices intent to implement, and
how they do. The source code should also be made easy to find and read,
thus peer reviewing of the code and configurations would be eased. From
this source code, peers should be able to completly build and reproduce
the PELD implementation, and the steps to do so should be easy to find.
# 3 Implementation # 3 Implementation
T(A)ILS is an implementation of the PELD specification above. It is T(A)ILS is an implementation of the PELD specification above. It is
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment