[zapps-wg] Version of Rust

Peter Todd pete at petertodd.org
Thu Nov 16 19:45:14 EST 2017


On Thu, Nov 16, 2017 at 01:59:53PM -0700, Sean Bowe via zapps-wg wrote:
> I think it is the current version (1.21). I imagine it would be
> possible to modify the code (and many of the dependencies) so that it
> could compile on a really old version too.

Also, if someone does manage to do this, I have a OpenTimestamps Git timestamp(1)
on Rust crates.io crate registry:

https://github.com/petertodd/crates.io-index/commit/763a730f2275d69eb13ee8b212fc9aa0d6fe92b5

Secondly the Internet Archive contains quite a bit of uploaded software, such
as Debian install images, and via my Internet Archive timestamp project we have
timestamps from May this year for most of that:

https://petertodd.org/2017/carbon-dating-the-internet-archive-with-opentimestamps

While these timestamps would be only one part of an argument as to why a given
compile wasn't backdoored, I think it's worth using cryptographically
timestamped dependencies over non-timestamped ones when possible.


1) https://petertodd.org/2016/opentimestamps-git-integration

-- 
https://petertodd.org 'peter'[:-1]@petertodd.org
Type: application/pgp-signature
Size: 455 bytes
Desc: Digital signature
URL: </pipermail/zapps-wg/attachments/20171116/35455d1e/attachment.sig>


More information about the zapps-wg mailing list