Crypto tangle

[Eric S. Raymond]

Hal Murray <hmurray at megapathdsl.net>:
> We currently have 2 and 1/4 crypto packages.  That seems like the sort of 
> things you like to clean up.

Yes.

> I would have said we have 2 1/2, but somebody deleted half of the 1/2.  I 
> assume that was part of the --enable-crypto cleanup.  There used to be 
> routines in libisc for MD5 and SHA1.  md5.c is gone, but sha1.c is still 
> there.  There are also 2 header files in libisc/include/isc/: md5.h and sha1.h

md5.c isn't gone, it's in libntp.c.  It's clearly the ISC code, so somebody
moved it there.  Might have been me, though I do not remember doing this.  

> We need sodium and OpenSSL.  I don't know much about either, but 2 seems like 
> the wrong number.  Do we really need both?  If so, why?  I think we should 
> have a paragraph someplace explaining why etc.

It depends on which MAC algorithms we want to support, a question I've opened
in a recent email.  It looks like libsodium's support for hash functions in
our set is limited to SHA-2, so libsodium can't replace OpenSSL.

> We also need pointers to the documentation.  I think I'd vote for a web page 
> on our main web site with links to documentation for C99, POSIX, and all the 
> packages we need.

I am *strongly* against creating a separate web page for this.  I like
a single point of truth, and I write all our internal docs (including
INSTALL) in asciidoc exactly so they can be rendered to HTML and exposed
on the website when we deem it useful.

Therefore, no, not a separate web page.  Instead, I request that the
infrastructure crew provide us with a facility to expose, as HTML on
the website, selected asciidoc pages that are *not* under docs/.

Then, INSTALL can be first on that list.
-- 
		<a href="http://www.catb.org/~esr/">Eric S. Raymond</a>