28.04.2022 19:22, Ondřej Surý wrote:
On 28. 4. 2022, at 15:23, Michael Tokarev wrote:
Yeah. Formally we should do either one or another.
In practice I *highly* doubt anyone is using these 4
symbols, so maybe we can just disable the thing without
doing anything. I'm too lazy now to provide the
> On 28. 4. 2022, at 18:34, Michael Tokarev wrote:
>
> I see no reason to go to experimental here. I checked all rdepends
> of libldns3, - none are using any gost symbols. -exp wont do
> anything useful there I think.
Ok, then.
> But for things like this, I *think* -exp is useless, it wont
> On 28. 4. 2022, at 15:23, Michael Tokarev wrote:
>
> Yeah. Formally we should do either one or another.
> In practice I *highly* doubt anyone is using these 4
> symbols, so maybe we can just disable the thing without
> doing anything. I'm too lazy now to provide the stubs :)
Yeah, I concur.
28.04.2022 15:27, Ondřej Surý wrote:
..
Yes, it’s the old one. The 2012 hasn’t been specified for use
in DNSSEC - there was a draft, but it has expired.
Ok, that makes sense. Thank you for clarification.
Please note there are at least 4 symbols in the libldns3
library which are gost-related:
> On 28. 4. 2022, at 14:09, Michael Tokarev wrote:
>
> 27.04.2022 12:08, Ondřej Surý wrote:
>> Hi,
>> GOST has been deprecated for use in DNSSEC, and the
>> actual standard actually says it MUST NOT be used for
>> signing (and MAY be used for verification), see RFC 8624.
>> I think the best
27.04.2022 12:08, Ondřej Surý wrote:
Hi,
GOST has been deprecated for use in DNSSEC, and the
actual standard actually says it MUST NOT be used for
signing (and MAY be used for verification), see RFC 8624.
I think the best course of action here is to actually disable it
everywhere where GOST R
Hi,
GOST has been deprecated for use in DNSSEC, and the
actual standard actually says it MUST NOT be used for
signing (and MAY be used for verification), see RFC 8624.
I think the best course of action here is to actually disable it
everywhere where GOST R 34.10-2001 is used as it has
been
Regarding the following, written by "Michael Tokarev" on 2022-04-26 at 18:28
Uhr +0300:
Well, GOST comes as an add-on to libcrypto. So if you install such
an add-on on your system, everything will work. If we disable GOST
for ldns, we'll got another bugreport, saying GOST is not enabled
even
Control: tag -1 + moreinfo
On Tue, 9 May 2017 21:44:45 +0200 martin f krafft wrote:
Package: ldnsutils
Version: 1.7.0-1
Severity: normal
When trying ti use ldns-key2ds with -g, I get an error about GOST
not being available.
% ldns-key2ds -g -n _combined.key
error: libcrypto does
Package: ldnsutils
Version: 1.7.0-1
Severity: normal
When trying ti use ldns-key2ds with -g, I get an error about GOST
not being available.
% ldns-key2ds -g -n _combined.key
error: libcrypto does not provide GOST
Either the option should be disabled, or ldns-key2ds linked with
a
10 matches
Mail list logo
