svn commit: r303716 - head/crypto/openssh
Andrey Chernov
ache at freebsd.org
Sun Aug 7 13:21:15 UTC 2016
On 07.08.2016 15:52, Slawa Olhovchenkov wrote:
>> You should address your complains to original openssh author instead, it
>> was his decision to get rid of weak algos. In my personal opinion, if
>> your hardware is outdated, just drop it out.
>
> Hardware outdated by outdated main function, not by outdated ssh
> upstream.
There are too many reason for outdating hardware without losing its main
function in real world. But I don't want to conduct a lecture. As I
already say, it is just my personal opinion.
>
>> We can't turn our security
>> team into compatibility team, by constantly restoring removed code, such
>> code quickly becomes outdated and may add new security holes even being
>> inactive.
>
> What is security hole by present this ciphers in _client_?
It is obvious, but it will be better for you to ask openssh author about
his decisions, I have no intention to act like explainer of his action.
More information about the svn-src-all
mailing list