On the Promises of 'High-Assurance' Cryptography
6 points by nadim
6 points by nadim
While everything in this blog post seems like something I could agree with, I want to remind you that brigading against someone else’s project is generally considered off-topic here.
What? We’re reporting findings and security vulnerabilities in an open source project, while discussing the state of high assurance cryptography on the whole. If this is considered “brigading”, then every single post on Lobsters for any security vulnerability can be accused of brigading wherever that vulnerability is found.
Also, don’t you work on Firefox, which uses Cryspen’s cryptographic primitives via its HACL* library? I feel like you should be disclosing that, especially given that your comment seems to be aimed at removing this post from Lobsters.