[openssl-users] [openssl-dev] Removing obsolete crypto from OpenSSL 1.1 - seeking feedback

Jeffrey Walton noloader at gmail.com
Tue Nov 17 17:56:16 UTC 2015


>> We can significantly reduce that liability by removing any assembler
>> optimisations. Also just because something is available doesn't mean it
>> has to be "default". We can have good defaults whilst keeping old crypto.
>
> Zooko Wilcox O'Hearn recently gave a talk at a software assurance
> conference on the downsides of assembly language routines in software.
> I'm trying to locate it now. All in all, this is probably a move in
> the right direction, especially for non-contemporary algorithms, to
> help sunset them and maintain them with minimal effort.

My bad... I just talked to Zooko about the presentation. He was not
able to attend the conference, so there is no presentation to link to.

However, here is the write-up in the Tahoe-LAFS Bug Reporter:
https://tahoe-lafs.org/trac/pycryptopp/ticket/85#comment:20. It makes
the case for No-ASM. (And was the corpus of knowledge for the
presentation).

Jeff


More information about the openssl-users mailing list