Hi. I just found this project: http://www.logix.cz/michal/devel/cryptodev/
The kernel.org mail thread, about cryptodev, starts here: http://www.ussg.iu.edu/hypermail/linux/kernel/0408.3/0250.html This kernel patch adds a /dev/crypto device so packages can use the kernel's crypto api, rather than a library like openssl (or libcrypt from libc). This allow all applications to use the same standard crypto interface/library/module. The website has a patch for openssl. Currently md5sum (from coreutils), passwd (from shadow), util-linux, openssh, and many others, each build in their own md5 library. If there were a vulnerability in md5 tommorrow we would have to investigate every installed package to check which are affected. Using a kernel module for all md5 hashes means only one module would need to be upgraded. This performs better, makes things easier to upgrade, and uses less storage space. robert
pgpBok2139KmI.pgp
Description: PGP signature
-- http://linuxfromscratch.org/mailman/listinfo/hlfs-dev FAQ: http://www.linuxfromscratch.org/faq/ Unsubscribe: See the above information page
