Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 20 Jun 1995 16:57:22 +0200
From:      Mark Murray <mark@grondar.za>
To:        rgrimes@gndrsh.aac.dev.com, Wollman@halloran-eldar.lcs.mit.edu, gibbs@freefall.cdrom.com, current@freebsd.org
Subject:   The great crypt reshuffle
Message-ID:  <199506201457.QAA02441@grumble.grondar.za>

next in thread | raw e-mail | index | archive | help
Hi

There has been good discussion over the last couple of days, and this
is an attempt to summarise the concensus so far, and turn it into an
agreed-upon proposal. Where I have gotten wrong, please gently correct,
where I have forgotten please remind etc...

1) The DES library is to move from eBones to secure/lib/libdes.
   des.h (the public header for this library) moves from
   /usr/include/kerberosIV to /usr/include, and to be updated with
   much more recent code from Eric Young, the original author.
2) crypt(3) and friends in libcipher to be replaced with faster code
   from same author as libdes, and to merge with libdes. (I know, not
   much concensus here - I'm just pushing my luck)
3) libcrypts containing _only_ des crypt(3) and md5 crypt(3) to remain
   unchanged (Except perhaps for newer code in des crypt(3)) to maintain
   possible foreign licensing. One selected as the _real_ libcrypt by
   symlink.
4) (Very little discussion here) Other libraries containing crypto
   code (ssl, rsa, md4, idea (where legal/appropriate)) be placed in
   secure/lib/lib*/ and turned into a separate library. Some of this
   code may cause serious trouble for owners in certain countries. (eg
   rsa in US.) The public headers for these to be placed in /usr/include
   for orthogonality with des.h in 1) above.
5) secure/usr.bin/telnet is kerberised, and as such should move to
   eBones.
6) (not discussed at all - I think) Eric Young has not touched eBones
   for _years_, and is not likely to. The code in eBones is a mess, and I
   would like to rebuild it as a lib/ include/ usr.bin/ usr.sbin/
   structure for orthogonality with secure and gnu. This is more-or-less
   how the original code looked.
7) More will follow as I start to work on it (Secure RPC etc).

M

-- 
Mark Murray
46 Harvey Rd, Claremont, Cape Town 7700, South Africa
+27 21 61-3768 GMT+0200



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199506201457.QAA02441>