Re: Bug#860771: ITP: node-diffie-hellman -- pure js diffie-hellman
On 04/20/2017 11:09 AM, Bastien ROUCARIES wrote:
> I have planned to add a big fat warning about safety of
> browserify-crypto. I am myself unease to use it but it is needed for
> browserify.
>
> Do you prefer a README.debian per pure js crypto package ?
Maybe also add something along the lines of
| For security considerations of this package please consult
| README.Debian.
to the package's extended description? (Or is that against
policy?)
> I plan to patch browserify and add a flag in order to use the crypto API.
Isn't browserify a JS minifier? Why would that need DH key
exchange anyway? I'm a bit confused here...
Regards,
Christian
Reply to: