readme: I think the crypto works

author: Runxi Yu <me@runxiyu.org> 2025-03-24 22:38:22 +0800
committer: Runxi Yu <me@runxiyu.org> 2025-03-24 22:38:22 +0800
commit: 0cebfb632a53060010acd03f08828e3733615a71 (patch)
tree: a680e7736af1022f3f35f054936bcb71da21effb
parent: Add .editorconfig (diff)
download: powxy-0cebfb632a53060010acd03f08828e3733615a71.tar.gz
powxy-0cebfb632a53060010acd03f08828e3733615a71.tar.zst
powxy-0cebfb632a53060010acd03f08828e3733615a71.zip
1 files changed, 3 insertions, 2 deletions
diff --git a/README.md b/README.md
index 4761cb1..0662193 100644
--- a/README.md
+++ b/README.md
@@ -36,8 +36,9 @@ provided near the HTML form, and submit their nonce manually.
 
 ## Bugs
 
-- **The cryptography hasn't been audited.** I wrote this after a tiring school
-  week and this definitely needs some review.
+- **The cryptography hasn't been fully audited.** I wrote this after a tiring
+  school week and this definitely needs some review from external parties,
+  although I checked the HMACing myself and I think it's sound.
 - We should allow Git clients and RSS readers.
 - If a user is attempting to submit a POST request but their powxy cookie is
   invalid, powxy would redirect them to a challenge, and their POST data will
author	Runxi Yu <me@runxiyu.org>	2025-03-24 22:38:22 +0800
committer	Runxi Yu <me@runxiyu.org>	2025-03-24 22:38:22 +0800
commit	0cebfb632a53060010acd03f08828e3733615a71 (patch)
tree	a680e7736af1022f3f35f054936bcb71da21effb
parent	Add .editorconfig (diff)
download	powxy-0cebfb632a53060010acd03f08828e3733615a71.tar.gz powxy-0cebfb632a53060010acd03f08828e3733615a71.tar.zst powxy-0cebfb632a53060010acd03f08828e3733615a71.zip