1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
|
#include 'common.wml' page="Summer of code"
<p> This year we participate in Google Summer of code under
<a href="http://www.gnu.org/software/soc-projects/ideas-2012.html">the GNU project umbrella</a>.
To discuss ideas you may use the <a href="https://lists.gnu.org/mailman/listinfo/gnutls-devel">gnutls mailing lists</a>.
To propose a project follow the information in the
<a href="http://www.google-melange.com/gsoc/homepage/google/gsoc2012">Google summer of code 2012 site</a>.
</p>
<p>
<a name="about"><b>GnuTLS project ideas for summer of code</b></a>
<ul>
<li><b>Strict certificate path validation.</b>
<p>
Currently GnuTLS implements a simple and straightforward
certificate path validation algorithm. However a complete
validation algorithm, such as the one described in <a href="http://tools.ietf.org/html/rfc5280">RFC5280</a>,
requires the consideration of several factors that are currently ignored
(certificate policies, path constraints etc).
The target of this project is to implement the complete certificate path validation algorithm from RFC5280.
</p>
<p>
<b>Difficulty:</b> medium<br>
<b>Requirements:</b> C, git<br>
<b>Recommended:</b> familiarity with gnutls' internals<br>
<b>Mentors:</b> <a href="mailto:nmav@gnutls.org">Nikos Mavrogiannopoulos</a>, <a href="mailto:dkg@fifthhorseman.net">Daniel Kahn Gillmor</a><br>
</p>
</li>
<li><b>RSASSA-PSS signature scheme.</b>
<p>
Currently GnuTLS implements the PKCS #1 1.5 signature algorithm for
certificate and CRL signatures. This target of this project is to
enhance GnuTLS to support the <a href="http://tools.ietf.org/html/rfc3447">PKCS #1, RSASSA-PSS signature
scheme</a>.
</p>
<p>
<b>Difficulty:</b> medium<br>
<b>Requirements:</b> C, git<br>
<b>Recommended:</b> familiarity with gnutls' internals<br>
<b>Mentors:</b> <a href="mailto:nmav@gnutls.org">Nikos Mavrogiannopoulos</a>, <a href="mailto:dkg@fifthhorseman.net">Daniel Kahn Gillmor</a><br>
</p>
</li>
<li><b>TLS and DTLS extensions.</b>
<p>
Two extensions are to be implemented:
<ol>
<li>DTLS Heartbeat
<li>Certificate status request
</ol>
The former is an extension to the datagram TLS protocol described in <a href="http://tools.ietf.org/html/rfc6520">RFC6520</a> to support heartbeat messages in order to identify the status of the peer (dead or not). The latter provides a way for an HTTPS server to provide a fresh OCSP response to the client, described in RFC6066. This saves the client from the burden of having to connect to the CAs OCSP server in order to get a fresh certificate status.
</p>
<p>
<b>Difficulty:</b> medium<br>
<b>Requirements:</b> C, git<br>
<b>Mentors:</b> <a href="mailto:nmav@gnutls.org">Nikos Mavrogiannopoulos</a>, <a href="mailto:dkg@fifthhorseman.net">Daniel Kahn Gillmor</a><br>
</p>
</li>
<li><b>Faster elliptic curve scalar multiplication.</b>
<p>
Improve the scalar multiplication in elliptic curves by implementing the <a href="http://www.bmoeller.de/pdf/fastexp-icisc2002.pdf">wNAF based method</a> as well as the <a href="http://www.iacr.org/archive/ches2009/57470302/57470302.pdf">Yao-DBNS method</a>.
</p>
<p>
<b>Difficulty:</b> medium<br>
<b>Requirements:</b> C, git<br>
<b>Recommended:</b> mathematics background<br>
<b>Mentors:</b> <a href="mailto:nmav@gnutls.org">Nikos Mavrogiannopoulos</a>, <a href="mailto:dkg@fifthhorseman.net">Daniel Kahn Gillmor</a><br>
</p>
</li>
<li><b>Implementation of additional encryption schemas for PKCS #12 and PKCS #8</b>
<p>
Improve the support for encrypted private keys and certificates, by implementing the algorithms and formats used by other popular implementations (openssl, windows).
</p>
<p>
<b>Difficulty:</b> medium<br>
<b>Requirements:</b> C, git<br>
<b>Recommended:</b> familiarity with gnutls' internals<br>
<b>Mentors:</b> <a href="mailto:nmav@gnutls.org">Nikos Mavrogiannopoulos</a>, <a href="mailto:dkg@fifthhorseman.net">Daniel Kahn Gillmor</a><br>
</p>
</li>
</ul>
</p>
#include 'bottom.wml'
|
