[openssl-dev] A new openssl engine
Dmitry Belyavsky
beldmit at gmail.com
Thu Jun 25 21:08:04 UTC 2015
Hello Viktor,
On Thu, Jun 25, 2015 at 11:58 PM, Viktor Dukhovni <
openssl-users at dukhovni.org> wrote:
> On Thu, Jun 25, 2015 at 10:48:08PM +0200, Kurt Roeckx wrote:
>
> > On Thu, Jun 25, 2015 at 11:36:58PM +0300, Dmitry Belyavsky wrote:
> > >
> > > BTW, what does the OpenSSL Team plan regarding the GOST engine?
> >
> > I think some of us want to get rid of it, because it's rather
> > crappy code.
>
> I think that if GOST is really going to be a supported set of
> algorithms, then it should not be an engine, and should be integrated
> properly, with robust well written and carefully reviewed code.
>
Well, if GOST algorithms become 1st-class citizens, it can solve some
problems. I think it is possible to find some programmers (including me)
who are ready to participate in this work.
>
> The current engine is IMHO not a good long-term vehicle for providing
> GOST support to OpenSSL users.
>
Sure. For example, GOST94 signature algorithm is deprecated.
But the current engine can be used to demonstrate the proper way to provide
new algorithms through engine.
Thank you!
--
SY, Dmitry Belyavsky
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20150626/02c21db2/attachment.html>
More information about the openssl-dev
mailing list