[openssl-users] [openssl-dev] Removing obsolete crypto from OpenSSL 1.1 - seeking feedback

Emilia Käsper emilia at openssl.org
Tue Nov 17 12:21:03 UTC 2015

On Tue, Nov 17, 2015 at 11:12 AM, Jeffrey Walton <noloader at gmail.com> wrote:

> > MD2 - (The argument that someone somewhere may want to keep verifying old
> > MD2 signatures on self-signed certs doesn't seem like a compelling enough
> > reason to me. It's been disabled by default since OpenSSL 1.0.0.)
> > ...
> Apple still provides two Verisign certificates using
> md2WithRSAEncryption. Confer,
> https://support.apple.com/en-us/HT203065.

Setting aside the debate of whether verifying trust store signatures is
useful, whether verifying MD2 signatures has any practical security value,
or whether OpenSSL + iOS is a meaningful combination:

This is iOS7. The current release is iOS9 (trust store here:
https://support.apple.com/en-us/HT205205, MD2 certs are gone).

Arguments like this illustrate a fundamental misunderstanding in this
thread. We are not pulling the carpet from any users TODAY. We are asking
whether there are applications that will need this code 2..3..5 years down
the line. When I referred to the fact that users of 1.1 will have to
recompile, I didn't mean that errors would be revealed by recompilation. I
meant that you would have to be an actively maintained application or
library, and be doing a new release, and be stuck using an old algorithm,
to even be impacted by this change.

> Jeff