Has AutoCrypt or DC been audited?
1 Like
in October 2019, there was an audit over the underlying crypto engine, GitHub - rpgp/rpgp: Pure rust implementation of OpenPGP (was announced in May 2019 here)
. We will soon publish the full review report. Further independent security reviews are upcoming.
Is there a public timeline for any of these?
Hopefully in March we get to publish about the first security review. If you want to see the report earlier please mail me at holger at merlinux eu. The second review is probably finished by mid 2020, there still are some timing issues.
Any news on the audit? Also, has there been any work done on reproducible builds?