C++ Logo


Advanced search

Re: [SG12] p1315 secure_clear

From: Ville Voutilainen <ville.voutilainen_at_[hidden]>
Date: Sat, 25 Apr 2020 04:33:02 +0300
On Sat, 25 Apr 2020 at 04:21, Miguel Ojeda via SG12
<sg12_at_[hidden]> wrote:
> On Sat, Apr 25, 2020 at 2:25 AM Richard Smith <richardsmith_at_[hidden]> wrote:
> >
> > There has been no reference implementation of p1315 that has been used in production for any significant amount of time (several years). We do not know that its approach works.
> Indeed, there is no reference implementation of exactly P1315, but
> there are many implementations out there of the same
> idea/function/concept, as referenced by the proposal. They have been
> in production use for many years, in systems shipped to billions of
> users. The approach definitely works *for what the projects use them*.
> Whether that usage is good or not is another question that (see next
> point).
> > And my own 2c: from what I've heard from security-minded folks, the "secure_clear" approach does not and cannot work.
> That should be discussed/solved by them, not us. The projects out
> there, however, want to have a "secure_clear"-like function, as shown
> by the proposal.

I am having a vague feeling that I've heard these viewpoints before,
in previous discussions about secure_clear.
Can someone tell me which part of this is new information?

Received on 2020-04-24 20:36:11