[openssl-dev] Ubsec and Chil engines
Richard Levitte
levitte at openssl.org
Fri Feb 19 13:37:27 UTC 2016
Matt Caswell <matt at openssl.org> skrev: (19 februari 2016 14:12:28 CET)
>
>
>On 19/02/16 13:03, Tomas Mraz wrote:
>> On Pá, 2016-02-19 at 11:31 +0000, Matt Caswell wrote:
>>
>>
>>> So it seems that for chil there may possibly be some rare use (but
>>> even
>>> the most recent evidence is 4 years old). However the OpenSSL dev
>>> team
>>> do not have access to this hardware to maintain the engine and (as
>>> noted
>>> above) this is currently not building in 1.1.0.
>>>
>>> In both cases I would like to remove these engines from 1.1.0. I'd
>>> like
>>> to hear from the community if there is any active use of these. One
>>> option if there is found to be some small scale use is to spin out
>>> the
>>> engine into a separately managed repo (as has happened recently with
>>> the
>>> GOST engine).
>>>
>>> If I don't hear from anyone I will remove these.
>>
>> As far as I know there are some customers using the Chil engine with
>> RHEL (openssl-1.0.1).
>
>How do you feel about the engine being spun out into a separate repo?
>That of course assumes that a volunteer can be found to maintain it (I
>don't believe anyone on the dev team wishes to do so).
Not so fast. I've my engine-corner on github that's intended for exactly this sort of thing. I'll happily help porting engines to become independent products. In my opinion, that will serve us all.
Engine-corner is a personal project that has nothing to do with the team per se. Participation by anyone interested is welcome (frankly, engines that no one participates in *will* die, simple as that)
>
>If no such volunteer can be found how big a deal is it to remove it
>from
>1.1.0 without a replacement? Obviously it won't be taken out of
>1.0.1/1.0.2. Of course there's no reason, even if we take it out now,
>that if someone needs it badly enough in the future that they couldn't
>forward port the 1.0.2 version to 1.1.0 and maintain it themselves at
>that point.
>
>Matt
>
>--
>openssl-dev mailing list
>To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
--
Sent from my Android device with K-9 Mail. Please excuse my brevity.
More information about the openssl-dev
mailing list