Date: Wed, 11 Feb 2015 01:45:31 +0300
From: Slawa Olhovchenkov
To: Ollivier Robert
Cc: "arch@FreeBSD.org", John-Mark Gurney
Subject: Re: removing bdes..
Message-ID: <20150210224531.GP3698@zxy.spb.ru>
In-Reply-To: <964BFD22-E04A-40A4-9F82-BEB1AD97EB5A@keltia.net>
List-Id: Discussion related to FreeBSD architecture

On Tue, Feb 10, 2015 at 11:05:57PM +0100, Ollivier Robert wrote:

>
> > Hmm, as I reminder FreeBSD motto is "tools, not policies".
> > If tools work as expected -- all OK.
>
> It is also some lines of code no one wants to maintain, providing a
> false sense of security, what's the point?

No. 'security' is (at the least) protection and availability.
Unavailability for decryption is insecurity. Even for weak encryption.

> > Deny insecure crypto algorithm? Why don't force to use strong crypto
> > algorithm in all places (force disk, swap and memory encryption)?
> > Deny unencrypted network connection?
> > Deny unencrypted archive?
>
> That's besides the point, we are not here to keep old code for the
> sake of it, esp. since it will be a port. We obsolete old code all
> the time you know. I'd say that uucp was more useful than bdes and
> we still removed it.

Removing uucp entail inconvenience for me, yes.
Thanks for keeping cu (this is part of original uucp), Linux distro
force to install minicom.

> Why making so big a fuss?

I am fuss for policy. Not for bdes as is.