Current status of --enable-crypto
Eric S. Raymond
esr at thyrsus.com
Fri Jan 27 20:20:21 UTC 2017
Mark Atwood <fallenpegasus at gmail.com>:
> We do need to get wacking on the weeds on removing more of this thicket.
Here are our constraints:
* Daniel has stated that he prefers the OpenSSL implementations of MD5 and
SHA-1. He's our crypto expert, so he gets to make that call and I would
have no grounds to even argue with it.
* We have beem warned that these might be removed from OpenSSL in the
unspecified future.
* libsodium does not carry MD5 and SHA-1, and won't for the same reason
that they might be removed
Therefore, here are our options:
1. Make OpenSSL a required library and remove the local MD5/SHA-1. Daniel gets
his optimizations, I get to remove code, and all is happy unless the axe
falls and MD5/SHA-1 are removed from OpenSSL.
2. Do nothing. OpenSSL remains optional and we're covered against OpenSSL
yanking those festures.
--
<a href="http://www.catb.org/~esr/">Eric S. Raymond</a>
More information about the devel
mailing list