Crypto tangle

Mark Atwood fallenpegasus at gmail.com
Fri Jan 27 18:17:40 UTC 2017


Can libsodium upstream take a pull request that adds the hash functions
that we need?

On Fri, Jan 27, 2017 at 7:40 AM Eric S. Raymond <esr at thyrsus.com> wrote:

> Hal Murray <hmurray at megapathdsl.net>:
> > We currently have 2 and 1/4 crypto packages.  That seems like the sort of
> > things you like to clean up.
>
> Yes.
>
> > I would have said we have 2 1/2, but somebody deleted half of the 1/2.  I
> > assume that was part of the --enable-crypto cleanup.  There used to be
> > routines in libisc for MD5 and SHA1.  md5.c is gone, but sha1.c is still
> > there.  There are also 2 header files in libisc/include/isc/: md5.h and
> sha1.h
>
> md5.c isn't gone, it's in libntp.c.  It's clearly the ISC code, so somebody
> moved it there.  Might have been me, though I do not remember doing this.
>
> > We need sodium and OpenSSL.  I don't know much about either, but 2 seems
> like
> > the wrong number.  Do we really need both?  If so, why?  I think we
> should
> > have a paragraph someplace explaining why etc.
>
> It depends on which MAC algorithms we want to support, a question I've
> opened
> in a recent email.  It looks like libsodium's support for hash functions in
> our set is limited to SHA-2, so libsodium can't replace OpenSSL.
>
> > We also need pointers to the documentation.  I think I'd vote for a web
> page
> > on our main web site with links to documentation for C99, POSIX, and all
> the
> > packages we need.
>
> I am *strongly* against creating a separate web page for this.  I like
> a single point of truth, and I write all our internal docs (including
> INSTALL) in asciidoc exactly so they can be rendered to HTML and exposed
> on the website when we deem it useful.
>
> Therefore, no, not a separate web page.  Instead, I request that the
> infrastructure crew provide us with a facility to expose, as HTML on
> the website, selected asciidoc pages that are *not* under docs/.
>
> Then, INSTALL can be first on that list.
> --
>                 <a href="http://www.catb.org/~esr/">Eric S. Raymond</a>
> _______________________________________________
> devel mailing list
> devel at ntpsec.org
> http://lists.ntpsec.org/mailman/listinfo/devel
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ntpsec.org/pipermail/devel/attachments/20170127/4eb6f0ba/attachment.html>


More information about the devel mailing list