cif 0.0.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 7977508bd3a6524b1ad3b16f7bc4f1cb71f10e76
+  data.tar.gz: 1f14116aa103881414612e31465096e677507832
+SHA512:
+  metadata.gz: 215b47232ac28487366c42f030649cfdf9e23379ef1ab4b6eb654b5f0d1ec21599b448c372413ad539e949638e636681f54a8c200a6beb82904b9c55b16f7058
+  data.tar.gz: b418e8b9389c0a55702ab0bc3fdd8a8bb41fa22ce5ca188826a4880f34915673e8cb5c23aa3b64678ee490313b1c1c4d47c4ae10a87229c5ae7c37313153f9ec

data/.gitignore

@@ -0,0 +1,17 @@
+*.gem
+*.rbc
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in cif.gemspec
+gemspec

data/LICENSE.txt

@@ -0,0 +1,22 @@
+Copyright (c) 2013 Tony Arcieri
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,127 @@
+# Cryptosphere Identity Format (CIF)
+
+*Pronounced "sif" like the beginning of "sift"*
+
+A certificate format for the [Cryptosphere][cryptosphere]. We have elected not
+to use ASN.1-derived formats like X.509, and instead use a novel certificate
+format (Cue [obligatory XKCD comic](http://xkcd.com/927/)).
+
+This repository provides both the home of the format and a reference
+implementation in Ruby.
+
+[cryptosphere]: https://github.com/cryptosphere/cryptosphere
+
+## Rationale
+
+The existing public key infrastructure has a number of known issues:
+
+* It's hard to implement (overcomplicated)
+* It's hard to work with (confusing)
+* [It's broken from a linguistic theory perspective (fundamentally flawed)][28c3]
+
+The goal of a new certificate format should be to address all of these points,
+with special attention paid to the third: designing a format that satisfies
+security concerns at a linguistic level.
+
+Our design will consider the [Security Applications of Formal Language Theory][langsec-tr]
+
+[28c3]: https://www.youtube.com/watch?v=3kEfedtQVOY
+[langsec-tr]: http://www.cs.dartmouth.edu/~sergey/langsec/papers/langsec-tr.pdf
+
+## Improvements
+
+We propose the following to address the above problems:
+
+* A simple design that builds on existing standards (including JSON)
+* A human-readable format that can be viewed in any file viewer or editor
+* A format that learns the lessons of [LANGSEC][langsec], with a formal grammar
+  that is unambiguous and easy to implement
+
+[![Full Recognition Before Processing](http://www.cs.dartmouth.edu/~sergey/langsec/occupy/FullRecognition.jpg)][langsec]
+
+[langsec]: http://www.cs.dartmouth.edu/~sergey/langsec/
+
+### Linguistic Underpinnings
+
+To understand the design choices of CIF from a linguistic perspective, we have
+to examine one of the most fundamental parts of language theory, the 
+[Chomsky Hierarchy][chomsky]. Languages, be they natural languages we speak, the
+programming languages humans use, or the instruction set architectures that our
+CPUs execute fall into four fundamental categories:
+
+* Regular: regular expressions. Can understand sequential patterns. Can't count
+* Context-free: can understand tree structures, but can't use symbols within
+  what it's processing to help further understand what's being described
+* Context-sensitive: interprets portions of what's being processed to control
+  subsequent processing
+* Recursively enumerable (Turing complete): capable of unbounded computation
+
+We will select a format that is ***context-sensitive***. At first glance this
+might not satisfy LANGSEC's requirements:
+
+![Context Free Or Regular](http://www.cs.dartmouth.edu/~sergey/langsec/occupy/WeirdMachines.jpg)
+
+We will not be building a "weird machine", however. We will use a very simple
+format with built-in restrictions that will hopefully make even the most
+skeptical LANGSEC scruitinizer happy.
+
+Our grammar will be context-sensitive because it includes a length prefix.
+That's the weirdest part about it. The length prefix will also be bounded,
+providing a maximum message length, and thus a guaranteed end to any
+computation. Some may see a maximum length on input documents as a weakness. We
+see it as a strength.
+
+Even better, we're not going to invent anything new. We're merely going to
+synthesize existing ideas.
+
+[chomsky]: https://en.wikipedia.org/wiki/Chomsky_hierarchy
+
+### Self-Delimiting Strings
+
+A self-delimiting string is a simple idea: you read some sort of length prefix,
+then can read an arbitrary string containing any data you want. When you're
+done, you can interpret the remaining data however you wish.
+
+Some examples of self-delimiting strings are:
+
+* [netstrings][netstrings]: Dan Bernstein's string format. Uses a decimal prefix
+  of unbounded size, supporting arbitrary-length documents
+* [git pkt-lines][pkt-line]: Format used by the git protocol. Uses a fixed
+  4-byte prefix of hex digits, representing a 16-bit value. Messages (prefix
+  excluded) can be a maximum of 65520 bytes (or 65524 bytes with prefix).
+
+We will be using ***git pkt-lines*** to frame our certificates. The size
+limitation presents some problems, but we will work around them, and hopefully
+end up in a better place for doing so from a language-theoretic perspective.
+
+[netstrings]: http://cr.yp.to/proto/netstrings.txt
+[pkt-line]: https://raw.github.com/git/git/master/Documentation/technical/protocol-common.txt
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+    gem 'cif'
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install cif
+
+## Contributing
+
+* Fork this repository on github
+* Make your changes and send us a pull request
+* If we like them we'll merge them
+
+## License
+
+All project documentation is provided under the
+[Creative Commons Attribution 3.0 Unported](https://creativecommons.org/licenses/by/3.0/)
+license.
+
+Ruby source code Copyright (c) 2013 Tony Arcieri.
+Distributed under the MIT License. See LICENSE.txt for further details.

data/Rakefile

@@ -0,0 +1 @@
+require "bundler/gem_tasks"

data/cif.gemspec

@@ -0,0 +1,23 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'cif/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = "cif"
+  spec.version       = CIF::VERSION
+  spec.authors       = ["Tony Arcieri"]
+  spec.email         = ["tony.arcieri@gmail.com"]
+  spec.description   = "Cryptosphere Identity Format (CIF) parser/generator"
+  spec.summary       = "Tools for creating and reading Cryptosphere Identity Format (CIF) certificates"
+  spec.homepage      = "https://github.com/cryptosphere/cif"
+  spec.license       = "MIT"
+
+  spec.files         = `git ls-files`.split($/)
+  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+  spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
+  spec.require_paths = ["lib"]
+
+  spec.add_development_dependency "bundler", "~> 1.3"
+  spec.add_development_dependency "rake"
+end

data/lib/cif.rb

@@ -0,0 +1,3 @@
+require "cif/version"
+
+module CIF; end

data/lib/cif/version.rb

@@ -0,0 +1,3 @@
+module CIF
+  VERSION = "0.0.0"
+end

metadata

@@ -0,0 +1,80 @@
+--- !ruby/object:Gem::Specification
+name: cif
+version: !ruby/object:Gem::Version
+  version: 0.0.0
+platform: ruby
+authors:
+- Tony Arcieri
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2013-09-13 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.3'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.3'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+description: Cryptosphere Identity Format (CIF) parser/generator
+email:
+- tony.arcieri@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- .gitignore
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- cif.gemspec
+- lib/cif.rb
+- lib/cif/version.rb
+homepage: https://github.com/cryptosphere/cif
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.0.3
+signing_key: 
+specification_version: 4
+summary: Tools for creating and reading Cryptosphere Identity Format (CIF) certificates
+test_files: []