Date: Tue, 15 Apr 2025 14:41:09 -0400 From: Ed Maste <emaste@freebsd.org> To: Dr Jim Allen <mail.lists@phinetworksystems.co.uk> Cc: "Bjoern A. Zeeb" <bzeeb-lists@lists.zabbadoz.net>, freebsd-security@freebsd.org Subject: Re: Heads-up: DSA key support being removed from OpenSSH Message-ID: <CAPyFy2AezDiYDU%2BiAkvCUz9T-rrhCxYKxgpG2d8ADXw9AL3D8w@mail.gmail.com> In-Reply-To: <1a1ceefc-ed0b-4602-b250-2a407dd7dbd1@mtasv.net> References: <CAPyFy2Dk0VoqLPSHxTLzBCWT_ouqU_kj4QNhN17VybMinbr6bA@mail.gmail.com> <76933d66-eff5-4d43-a7a6-98a153e71d77@rlwinm.de> <CAPyFy2DAk8wx34gEJs7L94NykyMDBzAjLo9TwQOa_SPVvEFQ3A@mail.gmail.com> <p992nn1n-p9n2-s64o-9666-o5on62nnor7s@yvfgf.mnoonqbm.arg> <1a1ceefc-ed0b-4602-b250-2a407dd7dbd1@mtasv.net>
index | next in thread | previous in thread | raw e-mail
On Thu, 10 Apr 2025 at 19:21, Dr Jim Allen <mail.lists@phinetworksystems.co.uk> wrote: > > > Two things. > > a) Why remove the build config option? > I know the code is being removed at some point, but until it is, why not > leave it as a option (defaulted off)? There's no user-facing interface to run upstream's configure script as part of the FreeBSD build system, so enabling DSA in the FreeBSD base system already required having a patched tree. Committing this removal now has no user-facing impact, but means that we can separately decide what to merge to stable branches: in particular, it is possible for us to merge 10.0p2 to stable branches with DSA support still present.home | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAPyFy2AezDiYDU%2BiAkvCUz9T-rrhCxYKxgpG2d8ADXw9AL3D8w>