[openssl-dev] A new openssl engine
Viktor Dukhovni
openssl-users at dukhovni.org
Thu Jun 25 15:45:56 UTC 2015
On Thu, Jun 25, 2015 at 04:34:34PM +0100, Matt Caswell wrote:
> Whether such a patch would be accepted though is an entirely different
> thing. Personally I would prefer new engines to be maintained outside of
> the OpenSSL tree. Inclusion in the OpenSSL tree implies that the OpenSSL
> dev team will support the code. That becomes very difficult/impossible
> if we do not have access to the hardware.
In addition, in order to not dig the hole we're in deeper, the
contributed code would have to be high quality code. That is,
clearly written, sensibly commented and well documented.
All in all, it seems unlikely that new engines will become part of
the OpenSSL official distribution. If anything, some existing
engines are likely to be retired.
--
Viktor.
More information about the openssl-dev
mailing list