Date: Tue, 27 Apr 2004 10:08:30 +0100 From: Colin Percival <colin.percival@wadham.ox.ac.uk> To: freebsd-current@freebsd.org Subject: Removing NOCRYPT Message-ID: <6.1.0.6.1.20040427094029.03d3d218@popserver.sfu.ca>
next in thread | raw e-mail | index | archive | help
I would like to remove the NOCRYPT option from FreeBSD before 5.3-RELEASE. There are a number of good reasons for doing this: 1. NOCRYPT is almost completely untested, and in the past it has often broken (for example, there was a recent release where it was impossible to pkg_add without the cryptographic libraries.) 2. NOCRYPT has outlived its original purpose. The separation of cryptographic code from non-cryptographic code is a result of "munitions" export restrictions in the US which were changed a long time ago. 3. NOCRYPT causes major headaches. With the Kerberos options removed (or rather, Kerberos 4 removed and Kerberos 5 made manditory) this is the only remaining option which can result in certain files from the FreeBSD world existing in multiple entirely different forms. Most obviously, this complicates release-building; it also adds significant complications to FreeBSD Update. If anyone has a really good reason for keeping the NOCRYPT option, please let me know. In particular, I'd like to hear from anyone who is actually running a NOCRYPT world. Colin Percival
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6.1.0.6.1.20040427094029.03d3d218>