IRC logs for #trustable for Wednesday, 2016-10-12

[08:00] *** fay_ has joined #trustable
[08:05] *** ctbruce has joined #trustable
[09:13] *** locallycompact has joined #trustable
[10:08] <jmacs> ChrisPolin: You mentioned that someone had already coded PCI into OpenControl - is it public?
[10:09] <ChrisPolin> It is indeed, however further inspection reveals that it doesn't contain any of the narrative text within the standard.
[10:09] <ChrisPolin> https://github.com/opencontrol/PCI-DSS-Certifications
[10:10] <ChrisPolin> Nope, disregard, it does contain the text.
[10:10] <ChrisPolin> The NIST one doesn't.
[10:11] <jmacs> A lot of the ones I've seen are just skeletons
[10:12] <jmacs> This is weird; keys named 'Requirement 10' and '10.2.4'
[10:17] <paulsher1ood> actually, maybe the skeleton approach is a way we could avoid the derivative work problem...
[10:18] <paulsher1ood> maybe have description: be a precis of the actual standard, and argue fair use
[10:19] <leeming> I'm assuming the paywall for standards isn't going to go away any time soon then?
[10:19] <leeming> which is... slightly depressing and restrictive
[10:19] * paulsher1ood hasn't tried very hard to bring it down, yet
[10:40] <jmacs> I don't think "fair use" exists in our country
[10:40] <leeming> Gerald Harris raises some interesting points on the mailing list, re mustard/requirements capture
[10:41] <jmacs> Personally I hold copyright in high regard and am very reluctant to try and bend it, since it underpins all open source licences
[10:53] <jmacs> I think Gerald is correct about Mustard; his proposed use is what I'd expected Mustard to be used for
[10:53] <jmacs> I'll fire off a reply when I've formulated a calm argument about C++
[10:55] <jmacs> The closed nature of all standards is becoming a sticking point
[10:58] <leeming> yes, annoyingly a lot of safety critical software is behind closed doors, standards and certs included
[10:59] <ChrisPolin> It does pose a problem for open source trustable software. As I see it, you can only trust it as far as the paywall.
[11:16] <leeming> very similar issue to academia though ChrisPolin? at least there is a movement onto open publishing (forget the name)
[11:16] <leeming> open access
[11:17] <ChrisPolin> That's true.
[11:17] <ChrisPolin> Open Access costs a fortune in itself though.
[11:18] <ChrisPolin> But then, so do these standards, so the analogy holds
[11:51] <leeming> yes, it is about who foots the bill
[13:26] <rjek> Bubblewrap whoops http://www.openwall.com/lists/oss-security/2016/10/12/5
[13:33] <tiagogomes_> That exploit is not fixed yet in master
[14:44] * leeming notices he has lost the freenode channel that he discusses bwrap in
[14:45] * leeming assumes lars is aware
[14:45] <leeming> lars/alex
[15:46] *** fay_ has quit IRC
[16:32] <jmacs> Did we see https://www.open-scap.org/ yet?
[16:35] <jmacs> I remember SCAP being mentioned in the webinar but hadn't seen that site
[16:53] <jmacs> I wrote something about schema validation: https://gitlab.com/trustable/overview/wikis/validating-schemas-in-yaml
[16:54] <jmacs> Not directly related to trustable software but it's been one of my main problems recently
[17:26] *** locallycompact has quit IRC
[20:55] *** ctbruce has quit IRC
[20:55] *** ctbruce has joined #trustable
[21:19] *** leeming has quit IRC
[21:23] *** leeming has joined #trustable
[21:31] *** ctbruce has quit IRC
