Date: Tue, 10 Feb 2015 10:01:23 -0800 From: John-Mark Gurney <jmg@funkthat.com> To: Slawa Olhovchenkov <slw@zxy.spb.ru> Cc: arch@FreeBSD.org Subject: Re: removing bdes.. Message-ID: <20150210180123.GW1953@funkthat.com> In-Reply-To: <20150210175017.GC67127@zxy.spb.ru> References: <20150209181502.GF1953@funkthat.com> <20150210151812.GB67127@zxy.spb.ru> <20150210174301.GT1953@funkthat.com> <20150210175017.GC67127@zxy.spb.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
Slawa Olhovchenkov wrote this message on Tue, Feb 10, 2015 at 20:50 +0300:
> On Tue, Feb 10, 2015 at 09:43:01AM -0800, John-Mark Gurney wrote:
>
> > Slawa Olhovchenkov wrote this message on Tue, Feb 10, 2015 at 18:18 +0300:
> > > On Mon, Feb 09, 2015 at 10:15:02AM -0800, John-Mark Gurney wrote:
> > >
> > > > So, I happen to stuble across bdes recently and think we should remove
> > > > it..
> > > >
> > > > I'm fine w/ making it a port so that people who need it can use it...
> > > >
> > > > Especially considering:
> > > > The DES cipher should no longer be considered secure. Please consider
> > > > using a more modern alternative.
> > > >
> > > > Though sadly, that comment was added almost 15 years after DES was
> > > > brute forced by DEEPCrack.
> > >
> > > Clear text also insecure. Do you remove all clear text?
> >
> > If I have to answer that question for you, I don't need to respond to
> > you...
> >
> > Once you have a valid argument for keeping it, I'll respond...
>
> Keeping support for DES encrypting/decrytpting create vulnerability?
> or support difficult? What problem resolv removing DES support (and
> break compatibility)?
Support difficulty is that we have another piece of software that
needs to be maintained... Which is already demonstrated that it wasn't
maintained as it took 15 years before someone marked it as insecure...
As I said in my original email, if they need bdes, they can just
install the port... so no compatibility is broken..
--
John-Mark Gurney Voice: +1 415 225 5579
"All that I will do, has been done, All that I have, has not."
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20150210180123.GW1953>