missing dependencies #49
Comments
|
There is some overlap with other issue, so I added links in the description and flagged dependency relationships. |
indomitableSwan
added
the
documentation
|
@marsella Is this issue done? Do we want to add any additional notes about the the CSPRNG at the top-level? Realizing that when we closed #98, we didn't add any additional details here, just a note here for generate. See for one part of spec that should be updated with the TODO note removed after completion.Question: Should the location of this information change? Where would you expect to find dependency information listed out in detail? Should this information be on the Systems Architecture page instead? Somewhere else? |
|
I think it makes sense to add a note about CSPRNGs in the cryptographic protocol and implementation dependencies section (where the TODO is linked). To match the other dependencies, that would be
I'd also move the "implementation guidance" note in generate to the "external dependencies" section, since that's true everywhere we use CSPRNGs. |
|
Also added new items to track ECDSA/EdDSDA and MAC. |
This plan sounds fine to me.
I'd rather just repeat the note wherever it's applicable. Increases the odds that the person implementing sees a reminder. |
In current-development-phase.md, there are the following missing dependencies with an unlinked TODO comment:
To close this issue, appropriate dependencies should be selected and referenced. Ideally, we incorporate a habit of commenting on our level of confidence in our selected dependencies.
Please also include compatible parameter selections and remove the guidance around "inter-dependency constraints" on the "Operations on Arbitrary Secrets" page (cryptographic_flows.md)
The text was updated successfully, but these errors were encountered: