[openssl-dev] Kerberos
John Denker
ssx at av8n.com
Sat May 9 18:45:07 UTC 2015
On 05/09/2015 05:21 AM, Douglas E Engert wrote:
>
> Removing the code might be the best thing that could happen.
It "might" be. That's hardly a ringing endorsement.
> Misuse of the older Kerberos code in OpenSSL with SSL is not as
> secure as one might think.
That's not proof -- that's not even evidence that it
is necessary to remove the code. More specifically,
it is an awfully high-handed way to inform the users
what we think is "best" for them.
As previously mentioned in a different context, it
is a bedrock principle of sound reasoning and sound
planning that one should
/Consider all the plausible scenarios./
So let's consider the following scenario: Rather
than extirpating the code, we could simply add in
a few instances of something like this:
#error This feature is insecure, obsolete, unsupported, and vehemently deprecated.
#warning This code will be removed in a future release.
and leave it that way for a couple of Debian release
cycles. That serves the purpose of communicating
with the users, without being quite so high-handed.
Also it would be good to communicate exactly what is
being deprecated. All of Kerberos? Some particular
combination of Kerberos+SSL????
In this scenario, users who wish to communicate a
reply to us can do so, on a non-emergency basis.
They can search for other ways of doing what needs
to be done, on a non-emergency basis.
More information about the openssl-dev
mailing list