Hi Jakub,
thank you for starting this discussion with actual commit proposed. We
talked about this for some time already and this incident is raising
the issue more priority again. For Fedora, we do not need libgcrypt
backend, but I would certainly like to get hold of the ones who
contributed this code before we will remove it altogether (I was not
here at that time so I do not know the whole story).
IIRC this code was created in 2007 by Jean-Philippe Garcia Ballester who
wanted to make libssh suitable for debian, due to the compatibility
problems between GPL and OpenSSL's license. I do not know who worked on
libgcrypt on purpose last (e.g. with the intend of actually use
libgcrypt). I'd really like to have their opinion before taking a harsh
decision.
The Debian debate seems to be recently settled (thanks Laurent
Bigonville for the research)
http://meetbot.debian.net/debian-ftp/2020/debian-ftp.2020-03-13-20.02.html
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972181
On the technical note, the changeset is missing is removal of
libgcrypt reference from doc/introduction.dox (and sign-off trailers).
I've been made aware of a few typos too, I'll fix this.
The other question is whether we want to remove it now or after 0.10.0
release which should be at sight. I am still a bit hesitant to do it
from day to day without announcement and some grace-period.
I agree. let's take some time to collect feedback and let distro
maintainers some time to prepare before pulling the plug. We can add a
big fat warning in the cmake build process that libgcrypt will not be
supported anymore.
Regards,
Aris