Date: Tue, 10 Feb 2015 20:52:40 +0300 From: Slawa Olhovchenkov <slw@zxy.spb.ru> To: John-Mark Gurney <jmg@funkthat.com>, arch@FreeBSD.org Subject: Re: removing bdes.. Message-ID: <20150210175240.GD67127@zxy.spb.ru> In-Reply-To: <20150210172039.GA1071@reks> References: <20150209181502.GF1953@funkthat.com> <20150210151812.GB67127@zxy.spb.ru> <20150210172039.GA1071@reks>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Feb 10, 2015 at 09:20:39AM -0800, Gleb Kurtsou wrote: > On (10/02/2015 18:18), Slawa Olhovchenkov wrote: > > On Mon, Feb 09, 2015 at 10:15:02AM -0800, John-Mark Gurney wrote: > > > > > So, I happen to stuble across bdes recently and think we should remove > > > it.. > > > > > > I'm fine w/ making it a port so that people who need it can use it... > > > > > > Especially considering: > > > The DES cipher should no longer be considered secure. Please consider > > > using a more modern alternative. > > > > > > Though sadly, that comment was added almost 15 years after DES was > > > brute forced by DEEPCrack. > > > > Clear text also insecure. Do you remove all clear text? > > This is rather odd argument ;) > > I'm all for removing it. openssl provides file encryption for those who > need it in base. 3DES remove too? and how to login users with password in 3DES? How to migrate old system with 3DES passwords?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20150210175240.GD67127>