removing bdes..
Slawa Olhovchenkov
slw at zxy.spb.ru
Tue Feb 10 17:50:21 UTC 2015
On Tue, Feb 10, 2015 at 09:43:01AM -0800, John-Mark Gurney wrote:
> Slawa Olhovchenkov wrote this message on Tue, Feb 10, 2015 at 18:18 +0300:
> > On Mon, Feb 09, 2015 at 10:15:02AM -0800, John-Mark Gurney wrote:
> >
> > > So, I happen to stuble across bdes recently and think we should remove
> > > it..
> > >
> > > I'm fine w/ making it a port so that people who need it can use it...
> > >
> > > Especially considering:
> > > The DES cipher should no longer be considered secure. Please consider
> > > using a more modern alternative.
> > >
> > > Though sadly, that comment was added almost 15 years after DES was
> > > brute forced by DEEPCrack.
> >
> > Clear text also insecure. Do you remove all clear text?
>
> If I have to answer that question for you, I don't need to respond to
> you...
>
> Once you have a valid argument for keeping it, I'll respond...
Keeping support for DES encrypting/decrytpting create vulnerability?
or support difficult? What problem resolv removing DES support (and
break compatibility)?
More information about the freebsd-arch
mailing list