| 19 Oct 2025 |
|  azahi joined the room. | 19:54:25 |
| 20 Oct 2025 |
|  Felix Schröter changed their display name from Felix Schröter to Felix Schröter (🌄 27.10. – 09.11.). | 08:34:02 |
| 21 Oct 2025 |
 dotlambda | https://github.com/NixOS/nixpkgs/pull/454346 | 21:00:18 |
| dotlambda |
I don't want people to use this library in production environments...
It's a teaching tool, it's a testing tool, it's absolutely not an production grade implementation.
I maintain it to have support for ECDH and ECDSA in tlsfuzzer, which I need to be first and foremost portable. Security does not even enter a picture for that tool.
If you need enterprise grade implementation you should use pyca/cryptography.
https://github.com/tlsfuzzer/python-ecdsa/issues/330 | 21:10:27 |
 emily | are the users actually using it in security-sensitive contexts or is it just test/fuzzer stuff? | 21:21:55 |
| dotlambda | Lots of crypto coin-related packages seem to use it, I assume that's security-sensitive. Also duplicity, a backup tool. I'm currently looking at how home-assistant is using it | 21:25:51 |
 niklaskorz | home-assistant project chip only seems to use it for testing indeed | 21:28:47 |
| dotlambda | In reply to @niklaskorz:matrix.org
home-assistant project chip only seems to use it for testing indeed You're sure about that?
https://matrix.to/#/!TMHsziEPKwNiZHIoRO:lossy.network/$e12yLxQo1zTojp77HVo2qnv_CpXQaP-PRSndOSHpo3Q?via=nixos.dev | 21:34:10 |
 dish [Fox/It/She] | of course its crypto coins >.> can never trust those projects to do anything right | 22:17:52 |
 hexa | 👉️ #security-discuss:nixos.org | 23:02:04 |
| 22 Oct 2025 |
| dotlambda | https://github.com/NixOS/nixpkgs/pull/454303 | 02:02:25 |
| hexa | https://seclists.org/oss-sec/2025/q4/68 bind9 | 16:14:45 |
