Currently Octavo seems to pay very little attention to resisting side-channel attacks (see e.g. the use of data-dependent array indices in blowfish and the use of noncryptographic big integers in RSA). While this isn't critical for some cryptographic settings, many applications (e.g. TLS) can easily be broken by timing attacks. Octavo should probably decide what its plan is.
Currently Octavo seems to pay very little attention to resisting side-channel attacks (see e.g. the use of data-dependent array indices in blowfish and the use of noncryptographic big integers in RSA). While this isn't critical for some cryptographic settings, many applications (e.g. TLS) can easily be broken by timing attacks. Octavo should probably decide what its plan is.