From owner-freebsd-arch@FreeBSD.ORG Mon Dec 13 11:14:48 2004 Return-Path: Delivered-To: freebsd-arch@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 258D816A4CE for ; Mon, 13 Dec 2004 11:14:48 +0000 (GMT) Received: from gandalf.online.bg (gandalf.online.bg [217.75.128.9]) by mx1.FreeBSD.org (Postfix) with SMTP id B390743D53 for ; Mon, 13 Dec 2004 11:14:46 +0000 (GMT) (envelope-from roam@ringlet.net) Received: (qmail 30492 invoked from network); 13 Dec 2004 11:14:42 -0000 Received: from unknown (HELO straylight.ringlet.net) (213.16.36.84) by gandalf.online.bg with SMTP; 13 Dec 2004 11:14:42 -0000 Received: (qmail 60846 invoked by uid 1000); 13 Dec 2004 11:14:44 -0000 Date: Mon, 13 Dec 2004 13:14:44 +0200 From: Peter Pentchev To: Mark Murray Message-ID: <20041213111444.GC4172@straylight.m.ringlet.net> Mail-Followup-To: Mark Murray , Colin Percival , freebsd-arch@FreeBSD.ORG References: <41B9D586.5070403@wadham.ox.ac.uk> <200412101755.iBAHt55A090986@grovel.grondar.org> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="7qSK/uQB79J36Y4o" Content-Disposition: inline In-Reply-To: <200412101755.iBAHt55A090986@grovel.grondar.org> User-Agent: Mutt/1.5.6i cc: Colin Percival cc: freebsd-arch@FreeBSD.ORG Subject: Re: Adding standalone RSA code X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 13 Dec 2004 11:14:48 -0000 --7qSK/uQB79J36Y4o Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Dec 10, 2004 at 05:55:05PM +0000, Mark Murray wrote: > Colin Percival writes: > > > Is size really a concern? > >=20 > > No. The size is a side-effect of having a minimal, highly secure, > > library, and was not a design consideration. >=20 > "New" very often means "Insecure". I'd rather see something with lots=20 > of eyes over it, and OpenSSL has the advantage of having quite a few=20 > competent crypto guys grovel through it. >=20 > I'm still inclined to say "Please stick with OpenSSL; it is the devil=20 > we know." And then, of course, there's the problem that OpenSSL doesn't work RIGHT NOW in some situations; see my two e-mails to -hackers and others (including you ;) at http://lists.freebsd.org/mailman/htdig/freebsd-hackers/2004-September/00808= 9.html http://lists.freebsd.org/mailman/htdig/freebsd-hackers/2004-September/00809= 0.html Yep, "the devil we know", indeed :) G'luck, Peter --=20 Peter Pentchev roam@ringlet.net roam@cnsys.bg roam@FreeBSD.org PGP key: http://people.FreeBSD.org/~roam/roam.key.asc Key fingerprint FDBA FD79 C26F 3C51 C95E DF9E ED18 B68D 1619 4553 =2Esiht ekil ti gnidaer eb d'uoy ,werbeH ni erew ecnetnes siht fI --7qSK/uQB79J36Y4o Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (FreeBSD) iD8DBQFBvXmk7Ri2jRYZRVMRAidWAJ9Cca8cJPNDznxJuz1MSkn87TDUqQCeJdrs ReJENdPye1YOpgyvv4lg13A= =z234 -----END PGP SIGNATURE----- --7qSK/uQB79J36Y4o--