From 0cebfb632a53060010acd03f08828e3733615a71 Mon Sep 17 00:00:00 2001 From: Runxi Yu Date: Mon, 24 Mar 2025 22:38:22 +0800 Subject: readme: I think the crypto works --- README.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 4761cb1..0662193 100644 --- a/README.md +++ b/README.md @@ -36,8 +36,9 @@ provided near the HTML form, and submit their nonce manually. ## Bugs -- **The cryptography hasn't been audited.** I wrote this after a tiring school - week and this definitely needs some review. +- **The cryptography hasn't been fully audited.** I wrote this after a tiring + school week and this definitely needs some review from external parties, + although I checked the HMACing myself and I think it's sound. - We should allow Git clients and RSS readers. - If a user is attempting to submit a POST request but their powxy cookie is invalid, powxy would redirect them to a challenge, and their POST data will -- cgit v1.2.3