Date: Fri, 27 Oct 2017 21:20:13 +0100 From: Ben Laurie <ben@links.org> To: Poul-Henning Kamp <phk@phk.freebsd.dk> Cc: Eric McCorkle <eric@metricspace.net>, "freebsd-security@freebsd.org security" <freebsd-security@freebsd.org>, "freebsd-hackers@freebsd.org" <freebsd-hackers@freebsd.org>, "freebsd-arch@freebsd.org" <freebsd-arch@freebsd.org> Subject: Re: Crypto overhaul Message-ID: <CAG5KPzxGtAwV-svCv24FbZtLvxKCwX7OSyb2pPaTc63EUmFFGA@mail.gmail.com> In-Reply-To: <13959.1509132270@critter.freebsd.dk> References: <dc08792a-3215-611c-eb9f-4936a0d621f9@metricspace.net> <CAG5KPzws=jmF2wLeEAz8Lzn7Ugude=0w5neoQjeDjYnGtJpS9Q@mail.gmail.com> <13959.1509132270@critter.freebsd.dk>
next in thread | previous in thread | raw e-mail | index | archive | help
On 27 October 2017 at 20:24, Poul-Henning Kamp <phk@phk.freebsd.dk> wrote: > -------- > In message <CAG5KPzws=jmF2wLeEAz8Lzn7Ugude=0w5neoQjeDjYnGtJpS9Q@mail.gmail.com> > , Ben Laurie writes: > >>OpenSSL includes (and is used for) lots of crypto that is not used in >>SSL - since BearSSL targets SSL/TLS only, it can't, presumably, be >>used to replace all uses of OpenSSL. > > Which implicitly raises the question if we really need all the > boatloads of crap OpenSSL drags in, or if we would be in a better > position with something simpler and saner ? Indeed it does. Perhaps worth noting that since it was staffed, OpenSSL has removed a fair amount of crap, BTW. Anyway, to answer that question will presumably require someone to either try it, or figure out what is actually needed, crypto-wise. > > -- > Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 > phk@FreeBSD.ORG | TCP/IP since RFC 956 > FreeBSD committer | BSD since 4.3-tahoe > Never attribute to malice what can adequately be explained by incompetence.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAG5KPzxGtAwV-svCv24FbZtLvxKCwX7OSyb2pPaTc63EUmFFGA>