Re: [Ghost] This could be really useful

Kathleen Moriarty <> Mon, 03 August 2015 12:37 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id A2A5B1A90DE for <>; Mon, 3 Aug 2015 05:37:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: 0.701
X-Spam-Status: No, score=0.701 tagged_above=-999 required=5 tests=[BAYES_50=0.8, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id VlSMTYtbog8T for <>; Mon, 3 Aug 2015 05:37:54 -0700 (PDT)
Received: from ( [IPv6:2a00:1450:400c:c05::22f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 3E5471A90D5 for <>; Mon, 3 Aug 2015 05:37:54 -0700 (PDT)
Received: by wicgj17 with SMTP id gj17so103441315wic.1 for <>; Mon, 03 Aug 2015 05:37:53 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=rxTEkQkX6jAmVqgLbyTZX17W7T3kIai4Af7noXVOtac=; b=SyKJw5NmMYSAvrQlfhIiW6wb/kGClGaXZ7/U5jwm9mrc2mTQurZzrd9FmleDY4KakX IZ5yPoZzd9um/L5mWRGt3wN79qxFaI+n6eRtL4XeI2X/cXQts41lpc5a2MaesS2Gx3JZ T7jv/2tInOHhz5NjySbbKK4nIH3mf5Nvpz3Y0/HukSyqWGXMPaTCS2mycJU/GEfaSybN V8al1YCi1Tlqrs1AWaTYXuMW8M6DBHryJiVrGS1fA3W8b6/aGPEN+xjKW+WOIuQhYYKC Iw7rp/n+xJI0up9sgq0CA11ddDbxV88h+AMb+WJZr6OGJABSOx0mbT3M2okFjrla+WLZ KR9g==
MIME-Version: 1.0
X-Received: by with SMTP id eu2mr31348197wib.90.1438605473054; Mon, 03 Aug 2015 05:37:53 -0700 (PDT)
Received: by with HTTP; Mon, 3 Aug 2015 05:37:52 -0700 (PDT)
In-Reply-To: <>
References: <> <>
Date: Mon, 03 Aug 2015 08:37:52 -0400
Message-ID: <>
From: Kathleen Moriarty <>
To: Tom Ritter <>
Content-Type: multipart/alternative; boundary="f46d044283d4318602051c6770d1"
Archived-At: <>
Cc: "Boyle, Vincent M" <>, "" <>
Subject: Re: [Ghost] This could be really useful
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Mailing list for GatHering and reOrganizing STandards information \(GHOST\) team" <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Mon, 03 Aug 2015 12:37:56 -0000

Thanks for starting the conversation.  When we first started talking about
this, it was not meant to be a repository, but rather a connection of links
and an easier way to find options for a particular problem (authentication,
etc.).  As such, we thought through a proposed structure outlined in a
google doc.

The structure is just proposed and reviews and comments to the list would
be very helpful to see if we can work towards an agreed structure.

Here is the link, please do post reviews and comment either on list or in
the google doc.  If you comment in the Google doc describing the structure,
please let the list know as not all will be notified.

Thank you,

On Sat, Aug 1, 2015 at 12:10 AM, Tom Ritter <> wrote:

> On Jul 30, 2015 1:35 PM, "Boyle, Vincent M" <> wrote:
> > If we can  document actual implementation in some way that is fair and
> > accurate (not easily gamed by people with proprietary interests), that
> > would be great!
> Test suites would go a long way towards documenting implementation
> status, and promoting interoperable bug-free implementations. I dream
> of a day where we have a full, open source test suite for (say) TLS
> that operates at the TCP layer. It attempts to talk various flavors of
> correct and incorrect TLS with a client or server, and makes sure the
> other responds when it should and doesn't when it shouldn't.
> We can hope vendors will use it... but the next step is actually to
> push it towards the organizations doing the purchasing.  "Let me run
> this test suite against your product.  Turns out it has a bug with CBC
> Padding, chokes on extensions it doesn't understand, and is intolerant
> if you try to negotiate a higher, unknown protocol version.  Go fix
> those bugs, show me the patch, and I'll buy."
> -tom
> _______________________________________________
> GHOST mailing list


Best regards,