A short update on where we are with version 2.0.
I guess the most important to mention is the 2nd security audit is done. I haven’t seen the report yet but our lead developer Etienne has. Three small issues were found, all without an active attack vector. My conclusion so far is the 2.0 code is secure. The report will find its way to my inbox in the next weeks after which we’ll publish a similar response document as we did for the 1st security audit.
We’ve also been fixing various bugs, simplifying code and in general making things more robust. Right now Etienne is looking into making the uploads more robust without resorting to hashing for file integrity protection. The latter is too slow given currently available functionality in browsers so we need to settle for next-best: be able to detect exactly which chunks we did and did not receive. Sounds like TCP all over again doesn’t it 😉
With its required security audit almost out of the way the French NREN Renater plans to launch its public beta based on version 2.0 next week. After some weeks of public beta the plan is to move their production site to version 2.0. From the project’s point of view this means field testing will start 🙂
Before the project can release a beta we first need to get quite a number of things out of the way. Client-side testing, documentation, defining an upgrade path from 1.6 to 2.0, robust installation etc.
Are you curious to see what’s in version 2.0? Interested in trying it out?
- Install it from SVN using our 2.0-alpha installation recipe
- Try using it on my test server
- Check the available documentation for 2.0-alpha
Do you want the 2.0 release to progress faster? Help out with documenting! Send me an email on jan dot meijer at uninett dot no.