WingNews logo WingNews GitHub [2]
top | item 7859668

Stripe: Open Source Retreat Grantees

116 points| gdb | 11 years ago |stripe.com | reply

14 comments

order
[+] tomblomfield|11 years ago|reply
Seems like another awesome initiative.

I'm in awe of Stripe's continued ability to win developer mindshare. It must yield huge benefits for recruitment, retention & sales.

[+] alexgartrell|11 years ago|reply
""" A clean-room implementation of TLS v1.2 by Ashwini Oruganti (an especially timely project given recent events). It's an ambituous undertaking, but she's narrowing scope by focusing on designing and implementing a "TLS API for humans" and building on top of existing lower level primitives. The project will be written as part of Python's cryptography library. """

Not to be a hater, but nothing I've ever experienced in my career has lead me to believe something like this is possible unless you're starting with openssl. Even then, the lack of a code reviewer raises some eyebrows.

[+] gdb|11 years ago|reply
Yep, it's certainly a risky project, but I'm psyched to be able to fund it. Ashwini's proposal included a well-reasoned review and validation plan. Even if it ends up not being successful, I think she's approaching things from the right angle, and I'll be very glad that she tried.
[+] kingkilr|11 years ago|reply
Several of us who work on PyCA Cryptography (https://cryptography.io) will be doing code reviews (our docs outline the code review process we use).
[+] amirmc|11 years ago|reply
More people trying this and learning from previous mistakes (of others) is a good thing. For example, here's a TLS implementation in pure OCaml https://github.com/mirleft/ocaml-tls

I'm glad Stripe is helping with things like this. It raises awareness of critical things we all use and encourages others to think about getting involved.

[+] erikano|11 years ago|reply
Off topic, but I've never seen anyone use Python docstring format to quote text like that on HN. It's actually not a bad idea.
[+] joshdance|11 years ago|reply
Stripe has amazing marketing, because their marketing is an expression of their identify. They are a developer run shop and it shows. Props to the team, and congrats to the grant winners.
[+] jasonlfunk|11 years ago|reply
I'm really impressed by Velocity.js. I'm glad that Julian Shapiro is one of the winners.
[+] zimmerfrei|11 years ago|reply
Honest question: what is wrong with tlslite? Why rewrite the same thing from scratch?

Tlslite is production-grade and it is written by someone with an actual, proven track in the security field.

[+] lauradhamilton|11 years ago|reply
Seems like a cool list of projects. Interested to see how this turns out!
[+] sahat|11 years ago|reply
Congrats to the grantees! I was one of the 120 applicants who was not selected for this program. But I do hope I could work on something equally as exciting this Fall at my first job.
[+] opendais|11 years ago|reply
Congratulations to everyone and I'm especially looking forward to the TLS implementation for Python so I can dump what I'm using now. :)