[openssl-dev] Removing obsolete crypto from OpenSSL 1.1 - seeking feedback

Peter Waltenberg pwalten at au1.ibm.com
Mon Nov 16 21:58:36 UTC 2015


The reason for keeping the old crypto. algorithms around is the obvious
one, that's been stated over and over. OpenSSL's SSL isn't the only
consumer of the algorithms, remove the low level algorithms and you risk
breaking more than OpenSSL.  SSH, IKE, IPSec, Kerberos and I'm sure there
are more, and the scripting languages like Perl that use OpenSSL to provide
algorithm support.

There are a lot of ecosystems built on top of OpenSSL's crypto, it's not
just SSL, and for someone like a distro. maintainer it's between a rock and
a hard place, stick with the old code and patch the security
vulnerabilities, or break stuff. Which is why them being still available in
the old code isn't a good enough answer to the problems this would create.

And in this case 'breaking stuff' is unnecessary. Do what you like with TLS
in terms of pruning algorithms in use, but removing the algorithms is a lot
like burning books in a library for being irrelevant. They may be
irrelevant to you, but they aren't necessarily irrelevant to everyone.

Peter





From:	Richard Moore <richmoore44 at gmail.com>
To:	openssl-dev at openssl.org
Cc:	openssl-users at openssl.org
Date:	17/11/2015 06:29
Subject:	Re: [openssl-dev] Removing obsolete crypto from OpenSSL 1.1 -
            seeking feedback
Sent by:	"openssl-dev" <openssl-dev-bounces at openssl.org>




On 16 November 2015 at 19:05, Hubert Kario <hkario at redhat.com> wrote:
  Example: CAdES V1.2.2 was published in late 2000, the first serious
  attacks on MD2 were not published until 2004. I think it is not
  unreasonable for CAdES-A documents to exist today which were originally
  signed with MD2 while it was still considered secure and that are still
  relevant today, just 15 years later.


This doesn't explain why the code needs to exist in future versions of
openssl. The previous ones aren't going to vanish and can be compiled and
used to rescue data in theoretical edge cases like this. You're making it
sound like this is making the data totally inaccessible which is not the
case.

Cheers

Rich.