To: Colin Percival
From: "Poul-Henning Kamp"
In-Reply-To: Your message of "Wed, 09 Mar 2005 12:33:24 PST." <422F5D94.4030702@freebsd.org>
Date: Wed, 09 Mar 2005 21:57:20 +0100
Message-ID: <3213.1110401840@critter.freebsd.dk>
cc: cvs-src@FreeBSD.org
cc: src-committers@FreeBSD.org
cc: Richard Coleman
cc: cvs-all@FreeBSD.org
Subject: Re: cvs commit: src/lib/libmd Makefile sha256.3 sha256.h sha256c.c shadriver.c src/sbin/md5 Makefile md5.c

In message <422F5D94.4030702@freebsd.org>, Colin Percival writes:

>My personal feeling is that sha(384|512) are overkill on the side of
>hash length and probably underkill on the side of design (considering
>that they have the same basic design which has been repeatedly shown
>to be vulnerable to the Chinese attack) anyway -- we really need an
>AES-like process for selecting a new hash standard.

As far as I can tell from the phk-bashing on that cryptographer list, SHA is the current king for the lack of something better.

I will add my voice to the chorus who pine for us to have one single copy of things like hashes and encryption. And by "one single copy" I mean one shared between kernel and userland.

Since all these functions are really just memcpy() overdosed on LSD, I can't see _any_ reason why the kernel and userland would need different versions, much less why different pieces of the kernel or userland would.

--
Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe
Never attribute to malice what can adequately be explained by incompetence.