[openssl-dev] Removing obsolete crypto from OpenSSL 1.1 - seeking feedback
Richard Levitte
levitte at openssl.org
Sun Nov 15 12:11:37 UTC 2015
In message <564846E4.4060403 at artisanlogiciel.net> on Sun, 15 Nov 2015 09:48:36 +0100, pl <pl at artisanlogiciel.net> said:
pl> On 14/11/2015 18:32, Viktor Dukhovni wrote:
pl> > The proposed list was:
pl> >
pl> > CAST
pl> > IDEA
pl> > MDC2
pl> > MD2 [ already disabled by default ]
pl> > RC5 [ already disabled by default ]
pl> > RIPEMD
pl> > SEED
pl> > WHIRLPOOL
pl> > ALL BINARY ELLIPTIC CURVES
pl> >
pl> > If I were to guess, it would be that the base crypto implementations
pl> > of IDEA, SEED and binary elliptic curves need to stay. We could
pl> > perhaps get away with removing CAST and RIPEMD. No idea about the
pl> > rest.
pl> >
pl>
pl> It is perhaps time to split crypto library in two libraries
pl> libcryptolegacy and libcryptostrong...
pl>
pl> My two cents.
I though could be to make a "legacy" engine that holds the removed
crypto algos. It could be maintained outside of mainstream OpenSSL,
really by anyone...
Cheers,
Richard
--
Richard Levitte levitte at openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
More information about the openssl-dev
mailing list