Date: Sun, 7 Aug 2016 08:40:14 -0600 From: Warner Losh <wlosh@bsdimp.com> To: Andrey Chernov <ache@freebsd.org> Cc: Slawa Olhovchenkov <slw@zxy.spb.ru>, Bruce Simpson <bms@fastmail.net>, Oliver Pinter <oliver.pinter@hardenedbsd.org>, svn-src-head@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org, =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= <des@freebsd.org> Subject: Re: svn commit: r303716 - head/crypto/openssh Message-ID: <4D28752C-0584-4294-9250-FA88B0C6E805@bsdimp.com> In-Reply-To: <7237f5e6-fd65-a7e5-7751-4ed1c464b39a@freebsd.org> References: <201608031608.u73G8Mjq055909@repo.freebsd.org> <d419bddd-fe56-bc11-8965-142ca0b94ebc@fastmail.net> <9a01870a-d99d-13a2-54bd-01d32616263c@fastmail.net> <CAPQ4fftQ30_aqU8V_ea-WEKBdMZs5H9Rwxnfa0crid_df049nQ@mail.gmail.com> <b99c06ac-82d6-ccda-419c-2ece5be4636f@fastmail.net> <30e655d1-1df7-5e2a-fccb-269e3cea4684@freebsd.org> <20160807125227.GC22212@zxy.spb.ru> <7237f5e6-fd65-a7e5-7751-4ed1c464b39a@freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
> On Aug 7, 2016, at 7:21 AM, Andrey Chernov <ache@freebsd.org> wrote: >>=20 >>> We can't turn our security >>> team into compatibility team, by constantly restoring removed code, = such >>> code quickly becomes outdated and may add new security holes even = being >>> inactive. >>=20 >> What is security hole by present this ciphers in _client_? >=20 > It is obvious, but it will be better for you to ask openssh author = about > his decisions, I have no intention to act like explainer of his = action. That=E2=80=99s a cop-out answer. We, as a project, need to articulate to = our users, whom we care about, why this rather obnoxious hit to usability was taken. The answer must be more complete than =E2=80=9CWe just = disabled it because upstream disabled it for reasons we=E2=80=99re too lazy to = explain or document how to work around" Warner=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4D28752C-0584-4294-9250-FA88B0C6E805>