[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

FWD: new MIT SPKI software release



[email protected] (Matt Fredette) writes:
==================================================
Subject: new MIT software release

A new release of the MIT SDSI/SPKI C software distribution is 
available.  Go to

http://theory.lcs.mit.edu/~cis/sdsi.html

and follow the software distribution links in the paragraph about 
SDSI/SPKI 2.0.  Note that you must be a US or Canadian citizen, etc., 
to get this software.  

The following binary builds are available:

sdsi20-0.4.0-sparc-sun-sunos4.1.4.tar.gz
sdsi20-0.4.0-sparc-sun-solaris2.5.1.tar.gz
sdsi20-0.4.0-i386-pc-solaris2.6.tar.gz
sdsi20-0.4.0-i386-unknown-netbsd1.1.tar.gz
sdsi20-0.4.0-mips-sgi-irix5.3.tar.gz

An Intel Linux build will hopefully be available soon.

These are all built from the source distribution:

sdsi20-0.4.0.tar.gz

As usual, many bugs were fixed in this release.  See ChangeLog in the source
distribution for the details.

More general notes from the 0.4.0 README:

Release 0.4.0
-------------

This code now requires (sequence )s to conform to the expected grammer
in the structure-06 draft, i.e., it supports the macro "def" and "ref"
mechanism, and, if threshold subject support is compiled in, the
"process-threshold" mechanism.  It will reject sequences that use
the old (do hash ) or old (do k-of-n) directives.

DSA support has been finished, and is compiled into the library by
default.  This means that SDSI2_FEATURE_STRUCTURE6_SIGS is defined by
default; since this changes the grammar for signatures to match what
is expected in the structure-06 draft, earlier signatures will break.
See the applicable blurb in the 0.3.0 notes of the README for details.

PGP support has been extended to handle what I believe to be the
majority of PGP 5.0 keyrings.  If your PGP private keyring uses IDEA
or CAST5 with MD5 or SHA1 to seal the secrets, sdsi2sh should be able
to read it.  PGP DSA keys are fully supported.

The SDSI distribution now includes MIT-written multi-precision integer
and DES libraries.  This means that you don't have to track down and
compile GNU MP and Eric Young's libdes if you don't want to.  If you
do still want to compile with one or both of these other libraries,
you can - see the main documentation for instructions on when you may
want to, and how.

The reduction code has been completely rewritten.  It's separated out
from sequences, in its own little internal API.  You step a reduction
with rules until you run out of them, and then you can get out the
conclusion that results from those rules.  It's possible to reduce
a whole (sequence ) into its equivalent (cert ), or to just reduce
two (cert )s into one.

The cache API has changed considerably, to present the face of a
generic S-expression cache.  sdsi2_cache_add_search_term is a single
function used for incrementally building a cache query, that works a
lot more intuitively than the old add_search_.._term functions did.
The actual cache format has not changed.

The ugly story of unparsing S-expressions, or filling a sdsi2Sexp, has
been completely retold.  It is now possible to allocate a new
sdsi2Stream, simply "push" canonical elements (like whole sdsi2Sexp *,
sdsi2ByteString *, integers, etc.) onto it, and then just call
sdsi2_sexp_parse to have it parse that into a new sdsi2Sexp.

Two new commands have been added to sdsi2sh: "load" and "save" allow
you to load a variable from and save a variable to a file.

Matt

-- 
Matt Fredette
[email protected], [email protected], [email protected]
http://mit.edu/fredette/www
"The first time the Rolling Stones played, three people came."