Clipperz open source projects

Clipperz is the sponsor of 2 open source projects: the Javascript Crypto Library and of course the very Clipperz Password Manager. Both projects are hosted on GitHub.

Javascript Crypto Library Clipperz Password Manager
a Javascript repository of fast, cross-browser cryptographic algorithms (license: BSD) for those who wants to inspect the code of the online vault or run a local instance (license: AGPL v3)

Why crypto code wants to be open

A fundamental assumption in cryptanalysis, first enunciated by August Kerckhoffs in the nineteenth century, is that the secrecy must reside entirely in the key. Kerckhoffs assumes that the cryptanalyst has complete details of the cryptographic algorithm and implementation. It was reformulated by Claude Shannon as “the enemy knows the system”.

There’s been a lot of debate by security practitioners about the impact of open source approaches on security. Clipperz stays on the side of security expert Bruce Schneier when he says:

In the cryptography world, we consider open source necessary for good security; we have for decades. Public security is always more secure than proprietary security. For us, open source isn’t just a business model, it’s smart engineering practice. (source)

And along the same lines is Vincent Rijmen, co-author of the AES algorithm:

Not only because more people can look at it, but, more importantly, because the model forces people to write more clear code, and to adhere to standards. This in turn facilitates security reviews.” (source)

How to contribute

If you are a coder, please download and sign the Clipperz Contributor Agreement before submitting code to the community. This enables a single entity, Clipperz Srl, to represent the aggregated code base and gives the community flexibility to act as a whole to changing situations. Then …1

  • Learn about Clipperz open source projects here and here
  • Start small, with one-line changes to existing code
  • Start off commenting existing code where it needs it
  • Write some documentation on the architecture of the code
  • Experiment by making changes to your local copy of the code
  • Test your code thoroughly before you submit it
  • Adhere to the maintainer’s coding and formatting standards
  • Don’t get discouraged when your contributions are rejected
  • Donate some money to the projects

If you are not a coder …

  • Submit bug reports
  • Suggest new features and make other comments
  • Help write good documentation
  • Translate the documentation into another language
  • Correct spelling and grammar mistakes in documentation
  • Create diagrams, screen-shots, and graphics for documentation
  • Help other people learn how to use Clipperz software and services by answering questions on forums, discussion groups and mailing lists
  • Donate some money to the projects
  1. Thanks to Scott Granneman) for this list