Date: Fri, 10 Dec 2004 23:54:53 -0800 From: Marcel Moolenaar <marcel@xcllnt.net> To: Colin Percival <colin.percival@wadham.ox.ac.uk> Cc: freebsd-arch@freebsd.org Subject: Re: Adding standalone RSA code Message-ID: <F0FE3641-4B49-11D9-847B-000D93C47836@xcllnt.net> In-Reply-To: <41BA6BDE.5070909@wadham.ox.ac.uk> References: <41B92CF3.2090302@wadham.ox.ac.uk> <20041211020518.GA74718@dragon.nuxi.com> <41BA6BDE.5070909@wadham.ox.ac.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
On Dec 10, 2004, at 7:39 PM, Colin Percival wrote: > I'm not quite sure I understand what you're saying here. The entire > point > of this discussion is that bringing my RSA code into the base systme > is an > obvious first step towards bringing FreeBSD Update into the base > system, > which is something I've been asked countless times (by both committers > and > users) to do. I may have missed this, but can openssl(1) be used at all or do you need functionality not present in openssl(1)? The reason I ask is that arguments about security issues, code size and performance are mostly second order and highly subjective. I recall you mentioned that using openssl(1) resulted in a "large" binary and gave a size that's simply not the worth the fuzz if you ask me (it was less than .5MB -- I don't even care if there's an error margin of 50%, it's not worth my consideration. YMMV). My point is that if you can use openssl(1), do so. Import FreeBSD update and make it work on all platforms. If there's a genuine need, backed by requests that openssl(1) should be replaced because it has some negative characteristics that hamper development, usability or whatever, then (and only then) can we meaningfully discuss and argue whether such replacement is worth it. At this time I don't see a need at all. I do see a need to have FreeBSD update work on all platforms and that would be my first requirement for putting FreeBSD update in the base system. My 0.02 smurfs, -- Marcel Moolenaar USPA: A-39004 marcel@xcllnt.net
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?F0FE3641-4B49-11D9-847B-000D93C47836>