Date: Fri, 22 Jan 2016 10:37:43 +0100 From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= <des@des.no> To: Conrad Meyer <cem@FreeBSD.org> Cc: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: Re: svn commit: r294495 - in head: . crypto/openssh Message-ID: <86r3hauf88.fsf@desk.des.no> In-Reply-To: <CAG6CVpXXadnEJt%2B=tjiyhpk04LtTeiAoOqYeTn2-bsxwJjmTAw@mail.gmail.com> (Conrad Meyer's message of "Thu, 21 Jan 2016 09:31:34 -0800") References: <201601211110.u0LBAEI1081858@repo.freebsd.org> <CAG6CVpXXadnEJt%2B=tjiyhpk04LtTeiAoOqYeTn2-bsxwJjmTAw@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Conrad Meyer <cem@FreeBSD.org> writes: > Are we going to maintain DSA key support after upstream deprecates it > entirely? And why? I am not aware of any plans to remove DSA support. It has simply been disabled in the default run-time configuration - unlike, for instance, libwrap, which was removed entirely, and SSHv1, which needs to be enabled at compile time. I understand that decision (although I disagree with their justification, or at least the way it was worded), but we still have users who use DSA keys and who will be locked out of their systems if we disable DSA without sufficient advance warning. I will look into what steps can be taken to deprecate DSA without causing our users too much inconvenience. DES --=20 Dag-Erling Sm=C3=B8rgrav - des@des.no
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?86r3hauf88.fsf>