cif 0.0.0

Sign up to get free protection for your applications and to get access to all the features.
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA1:
3
+ metadata.gz: 7977508bd3a6524b1ad3b16f7bc4f1cb71f10e76
4
+ data.tar.gz: 1f14116aa103881414612e31465096e677507832
5
+ SHA512:
6
+ metadata.gz: 215b47232ac28487366c42f030649cfdf9e23379ef1ab4b6eb654b5f0d1ec21599b448c372413ad539e949638e636681f54a8c200a6beb82904b9c55b16f7058
7
+ data.tar.gz: b418e8b9389c0a55702ab0bc3fdd8a8bb41fa22ce5ca188826a4880f34915673e8cb5c23aa3b64678ee490313b1c1c4d47c4ae10a87229c5ae7c37313153f9ec
@@ -0,0 +1,17 @@
1
+ *.gem
2
+ *.rbc
3
+ .bundle
4
+ .config
5
+ .yardoc
6
+ Gemfile.lock
7
+ InstalledFiles
8
+ _yardoc
9
+ coverage
10
+ doc/
11
+ lib/bundler/man
12
+ pkg
13
+ rdoc
14
+ spec/reports
15
+ test/tmp
16
+ test/version_tmp
17
+ tmp
data/Gemfile ADDED
@@ -0,0 +1,4 @@
1
+ source 'https://rubygems.org'
2
+
3
+ # Specify your gem's dependencies in cif.gemspec
4
+ gemspec
@@ -0,0 +1,22 @@
1
+ Copyright (c) 2013 Tony Arcieri
2
+
3
+ MIT License
4
+
5
+ Permission is hereby granted, free of charge, to any person obtaining
6
+ a copy of this software and associated documentation files (the
7
+ "Software"), to deal in the Software without restriction, including
8
+ without limitation the rights to use, copy, modify, merge, publish,
9
+ distribute, sublicense, and/or sell copies of the Software, and to
10
+ permit persons to whom the Software is furnished to do so, subject to
11
+ the following conditions:
12
+
13
+ The above copyright notice and this permission notice shall be
14
+ included in all copies or substantial portions of the Software.
15
+
16
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
17
+ EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
18
+ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
19
+ NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
20
+ LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
21
+ OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
22
+ WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
@@ -0,0 +1,127 @@
1
+ # Cryptosphere Identity Format (CIF)
2
+
3
+ *Pronounced "sif" like the beginning of "sift"*
4
+
5
+ A certificate format for the [Cryptosphere][cryptosphere]. We have elected not
6
+ to use ASN.1-derived formats like X.509, and instead use a novel certificate
7
+ format (Cue [obligatory XKCD comic](http://xkcd.com/927/)).
8
+
9
+ This repository provides both the home of the format and a reference
10
+ implementation in Ruby.
11
+
12
+ [cryptosphere]: https://github.com/cryptosphere/cryptosphere
13
+
14
+ ## Rationale
15
+
16
+ The existing public key infrastructure has a number of known issues:
17
+
18
+ * It's hard to implement (overcomplicated)
19
+ * It's hard to work with (confusing)
20
+ * [It's broken from a linguistic theory perspective (fundamentally flawed)][28c3]
21
+
22
+ The goal of a new certificate format should be to address all of these points,
23
+ with special attention paid to the third: designing a format that satisfies
24
+ security concerns at a linguistic level.
25
+
26
+ Our design will consider the [Security Applications of Formal Language Theory][langsec-tr]
27
+
28
+ [28c3]: https://www.youtube.com/watch?v=3kEfedtQVOY
29
+ [langsec-tr]: http://www.cs.dartmouth.edu/~sergey/langsec/papers/langsec-tr.pdf
30
+
31
+ ## Improvements
32
+
33
+ We propose the following to address the above problems:
34
+
35
+ * A simple design that builds on existing standards (including JSON)
36
+ * A human-readable format that can be viewed in any file viewer or editor
37
+ * A format that learns the lessons of [LANGSEC][langsec], with a formal grammar
38
+ that is unambiguous and easy to implement
39
+
40
+ [![Full Recognition Before Processing](http://www.cs.dartmouth.edu/~sergey/langsec/occupy/FullRecognition.jpg)][langsec]
41
+
42
+ [langsec]: http://www.cs.dartmouth.edu/~sergey/langsec/
43
+
44
+ ### Linguistic Underpinnings
45
+
46
+ To understand the design choices of CIF from a linguistic perspective, we have
47
+ to examine one of the most fundamental parts of language theory, the
48
+ [Chomsky Hierarchy][chomsky]. Languages, be they natural languages we speak, the
49
+ programming languages humans use, or the instruction set architectures that our
50
+ CPUs execute fall into four fundamental categories:
51
+
52
+ * Regular: regular expressions. Can understand sequential patterns. Can't count
53
+ * Context-free: can understand tree structures, but can't use symbols within
54
+ what it's processing to help further understand what's being described
55
+ * Context-sensitive: interprets portions of what's being processed to control
56
+ subsequent processing
57
+ * Recursively enumerable (Turing complete): capable of unbounded computation
58
+
59
+ We will select a format that is ***context-sensitive***. At first glance this
60
+ might not satisfy LANGSEC's requirements:
61
+
62
+ ![Context Free Or Regular](http://www.cs.dartmouth.edu/~sergey/langsec/occupy/WeirdMachines.jpg)
63
+
64
+ We will not be building a "weird machine", however. We will use a very simple
65
+ format with built-in restrictions that will hopefully make even the most
66
+ skeptical LANGSEC scruitinizer happy.
67
+
68
+ Our grammar will be context-sensitive because it includes a length prefix.
69
+ That's the weirdest part about it. The length prefix will also be bounded,
70
+ providing a maximum message length, and thus a guaranteed end to any
71
+ computation. Some may see a maximum length on input documents as a weakness. We
72
+ see it as a strength.
73
+
74
+ Even better, we're not going to invent anything new. We're merely going to
75
+ synthesize existing ideas.
76
+
77
+ [chomsky]: https://en.wikipedia.org/wiki/Chomsky_hierarchy
78
+
79
+ ### Self-Delimiting Strings
80
+
81
+ A self-delimiting string is a simple idea: you read some sort of length prefix,
82
+ then can read an arbitrary string containing any data you want. When you're
83
+ done, you can interpret the remaining data however you wish.
84
+
85
+ Some examples of self-delimiting strings are:
86
+
87
+ * [netstrings][netstrings]: Dan Bernstein's string format. Uses a decimal prefix
88
+ of unbounded size, supporting arbitrary-length documents
89
+ * [git pkt-lines][pkt-line]: Format used by the git protocol. Uses a fixed
90
+ 4-byte prefix of hex digits, representing a 16-bit value. Messages (prefix
91
+ excluded) can be a maximum of 65520 bytes (or 65524 bytes with prefix).
92
+
93
+ We will be using ***git pkt-lines*** to frame our certificates. The size
94
+ limitation presents some problems, but we will work around them, and hopefully
95
+ end up in a better place for doing so from a language-theoretic perspective.
96
+
97
+ [netstrings]: http://cr.yp.to/proto/netstrings.txt
98
+ [pkt-line]: https://raw.github.com/git/git/master/Documentation/technical/protocol-common.txt
99
+
100
+ ## Installation
101
+
102
+ Add this line to your application's Gemfile:
103
+
104
+ gem 'cif'
105
+
106
+ And then execute:
107
+
108
+ $ bundle
109
+
110
+ Or install it yourself as:
111
+
112
+ $ gem install cif
113
+
114
+ ## Contributing
115
+
116
+ * Fork this repository on github
117
+ * Make your changes and send us a pull request
118
+ * If we like them we'll merge them
119
+
120
+ ## License
121
+
122
+ All project documentation is provided under the
123
+ [Creative Commons Attribution 3.0 Unported](https://creativecommons.org/licenses/by/3.0/)
124
+ license.
125
+
126
+ Ruby source code Copyright (c) 2013 Tony Arcieri.
127
+ Distributed under the MIT License. See LICENSE.txt for further details.
@@ -0,0 +1 @@
1
+ require "bundler/gem_tasks"
@@ -0,0 +1,23 @@
1
+ # coding: utf-8
2
+ lib = File.expand_path('../lib', __FILE__)
3
+ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
4
+ require 'cif/version'
5
+
6
+ Gem::Specification.new do |spec|
7
+ spec.name = "cif"
8
+ spec.version = CIF::VERSION
9
+ spec.authors = ["Tony Arcieri"]
10
+ spec.email = ["tony.arcieri@gmail.com"]
11
+ spec.description = "Cryptosphere Identity Format (CIF) parser/generator"
12
+ spec.summary = "Tools for creating and reading Cryptosphere Identity Format (CIF) certificates"
13
+ spec.homepage = "https://github.com/cryptosphere/cif"
14
+ spec.license = "MIT"
15
+
16
+ spec.files = `git ls-files`.split($/)
17
+ spec.executables = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
18
+ spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
19
+ spec.require_paths = ["lib"]
20
+
21
+ spec.add_development_dependency "bundler", "~> 1.3"
22
+ spec.add_development_dependency "rake"
23
+ end
@@ -0,0 +1,3 @@
1
+ require "cif/version"
2
+
3
+ module CIF; end
@@ -0,0 +1,3 @@
1
+ module CIF
2
+ VERSION = "0.0.0"
3
+ end
metadata ADDED
@@ -0,0 +1,80 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: cif
3
+ version: !ruby/object:Gem::Version
4
+ version: 0.0.0
5
+ platform: ruby
6
+ authors:
7
+ - Tony Arcieri
8
+ autorequire:
9
+ bindir: bin
10
+ cert_chain: []
11
+ date: 2013-09-13 00:00:00.000000000 Z
12
+ dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: bundler
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - ~>
18
+ - !ruby/object:Gem::Version
19
+ version: '1.3'
20
+ type: :development
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - ~>
25
+ - !ruby/object:Gem::Version
26
+ version: '1.3'
27
+ - !ruby/object:Gem::Dependency
28
+ name: rake
29
+ requirement: !ruby/object:Gem::Requirement
30
+ requirements:
31
+ - - '>='
32
+ - !ruby/object:Gem::Version
33
+ version: '0'
34
+ type: :development
35
+ prerelease: false
36
+ version_requirements: !ruby/object:Gem::Requirement
37
+ requirements:
38
+ - - '>='
39
+ - !ruby/object:Gem::Version
40
+ version: '0'
41
+ description: Cryptosphere Identity Format (CIF) parser/generator
42
+ email:
43
+ - tony.arcieri@gmail.com
44
+ executables: []
45
+ extensions: []
46
+ extra_rdoc_files: []
47
+ files:
48
+ - .gitignore
49
+ - Gemfile
50
+ - LICENSE.txt
51
+ - README.md
52
+ - Rakefile
53
+ - cif.gemspec
54
+ - lib/cif.rb
55
+ - lib/cif/version.rb
56
+ homepage: https://github.com/cryptosphere/cif
57
+ licenses:
58
+ - MIT
59
+ metadata: {}
60
+ post_install_message:
61
+ rdoc_options: []
62
+ require_paths:
63
+ - lib
64
+ required_ruby_version: !ruby/object:Gem::Requirement
65
+ requirements:
66
+ - - '>='
67
+ - !ruby/object:Gem::Version
68
+ version: '0'
69
+ required_rubygems_version: !ruby/object:Gem::Requirement
70
+ requirements:
71
+ - - '>='
72
+ - !ruby/object:Gem::Version
73
+ version: '0'
74
+ requirements: []
75
+ rubyforge_project:
76
+ rubygems_version: 2.0.3
77
+ signing_key:
78
+ specification_version: 4
79
+ summary: Tools for creating and reading Cryptosphere Identity Format (CIF) certificates
80
+ test_files: []