Full Disclosure mailing list archives
Re: OT: best practices in formal verification and security
From: Georgi Guninski <guninski () guninski com>
Date: Mon, 30 May 2011 17:09:14 +0300
coq developers appear to do forensics this way: http://article.gmane.org/gmane.science.mathematics.logic.coq.club/6228 the academic approach (detached from current implementations imho) is: How to Believe a Machine-Checked Proof, Robert Pollack http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.72.7610&rep=rep1&type=pdf On Sat, May 14, 2011 at 08:21:13PM +0300, Georgi Guninski wrote:
sorry for OT. i am trying to convince a client a bit counterintuitive Coq proof about security is valid. i can make Coq generate .vo certificates that match the source (human forensic would be happy with this part i suppose). how do i mitigate human forensic analysis of the proof, what the human forensics will look for? any introductory books? what if the proof is big (about 3GB) and computer generated? 10x. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- OT: best practices in formal verification and security Georgi Guninski (May 14)
- Re: OT: best practices in formal verification and security Georgi Guninski (May 30)