Template: CRAPTO
(Fix typo) |
(typo) |
||
Line 33: | Line 33: | ||
* link to developer discussion about it | * link to developer discussion about it | ||
− | [[Category | + | [[Category:GNU consensus markers| ]] |
</noinclude><includeonly> | </noinclude><includeonly> |
Revision as of 08:55, 20 December 2015
Contents
GNU Consensus Marker: CRAPTO
GNU/consensus/markers are used to indicate existing or potential issues that need to be addressed. Interested contributors can access a description of the problem, current issues, and related developer discussion.
The CRAPTO marker indicates that the system is using insecure or suspect cryptographic primitives, or demonstrates improper implementation of cryptography. Such systems can be compromised by an attacker who knows how to nullify the cipher. For example, the NSA introduced weak cryptography into NIST standards using magic numbers that would allow them to decipher the ciphertext: Dual EC DRBG. Other cases include wrong implementation of cryptography, for example reliance on weak random number generators, or reuse of random seeds.
Usage
Use all-caps!
{{CRAPTO}} will link to an #CRAPTO section in the same page.
{{CRAPTO PageName}} will link to a specific page detailing the issue.
The CRAPTO section or page can be created using a form. (TODO: add link to this form)
Example
List of Pages with the CRAPTO Marker
See a list of all pages marked with CRAPTO.
CRAPTO
Example section for the example. This section would:
- describe the problem
- describe what the project is doing to address it
- list issues related to this problem
- link to developer discussion about it