crypt(3)

Dr Paul Dale paul.dale at oracle.com
Sat Jan 18 00:47:04 UTC 2020 

Could the people who work with distros confirm this default choice or suggest what they use please?


Thanks,

Pauli
-- 
Dr Paul Dale | Distinguished Architect | Cryptographic Foundations 
Phone +61 7 3031 7217
Oracle Australia




> On 18 Jan 2020, at 10:05 am, Dr Paul Dale <paul.dale at oracle.com> wrote:
> 
> I’ve made the deprecation changes to the password application.
> 
> The default has been changed from crypt to the BSD MD5 algorithm.
> 
> Pauli
> -- 
> Dr Paul Dale | Distinguished Architect | Cryptographic Foundations 
> Phone +61 7 3031 7217
> Oracle Australia
> 
> 
> 
> 
>> On 18 Jan 2020, at 9:27 am, Dr Paul Dale <paul.dale at oracle.com <mailto:paul.dale at oracle.com>> wrote:
>> 
>> Okay, it looks like the consensus is option 3 — deprecate and forget.
>> 
>> As far as I can tell, they are only used (by us) in one place outside of libcrypto, so that will deprecate as well.
>> 
>> 
>> Pauli
>> -- 
>> Dr Paul Dale | Distinguished Architect | Cryptographic Foundations 
>> Phone +61 7 3031 7217
>> Oracle Australia
>> 
>> 
>> 
>> 
>>> On 18 Jan 2020, at 6:53 am, Richard Levitte <levitte at openssl.org <mailto:levitte at openssl.org>> wrote:
>>> 
>>> Right. Such a KDF could be implemented elsewhere, as a separate project.
>>> 
>>> Cheers
>>> Richard
>>> 
>>> 
>>> Kurt Roeckx <kurt at roeckx.be <mailto:kurt at roeckx.be>> skrev: (17 januari 2020 21:35:00 CET)
>>>> On Fri, Jan 17, 2020 at 04:31:06PM +1000, Dr Paul Dale wrote:
>>>>> I’ve got several choices:
>>>>> Leave them public and unchanged — that is, don’t deprecate these two
>>>> functions yet.
>>>>> Deprecate them and add KDFs to replace them.
>>>>> Deprecate them, leave them alone and hope they go away painlessly at
>>>> some point.
>>>> 
>>>> I really see no point in adding something that we at the same time
>>>> would like to remove. Just deprecate it.
>>>> 
>>>> 
>>>> Kurt
>>> 
>>> -- 
>>> Richard by mobile
>> 
> 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-project/attachments/20200118/78b05d4c/attachment.html>

More information about the openssl-project mailing list