MJ [m...@sci.fi] wrote: > Hello, > > I would like to inquire as to which OpenBSD RELEASE will offer the possibility > to avoid NIST crypto for everything in Base (isakmpd, openssh, openssl, https, > nginx being the key items in mind)? > > BTW, looks like things are heading in the right direction > (http://www.slideshare.net/yandex/rubsd2013-mikeben) > > And, of course, the autocipher engine would be powered by libsodium (NaCl). > > Thoughts, comments, insults, etc, are all welcome! The quantum computer is > coming soon to a theatre near you. >
For instance, you may have noticed that OpenSSH is moving towards an openssl-free mode by importing NaCl components directly? One problem with abandoning OpenSSL is that you lose SSL, TLS, (oh, and everything has to be rewritten to use NaCl, and is now incompatible with everything else.) So what you see with OpenSSH is the first attempt at doing this, and it will only be compatible with other people also using new OpenSSH. The issue is compatbility.
