On Monday 16 November 2015 16:51:10 Emilia Käsper wrote: > IDEA, MD2, MDC2, RC5, RIPEMD, SEED, Whirlpool, binary curves > > This isn't of course entirely representative of widespread usage. > However Google's multi-billion line codebase now builds against > BoringSSL and therefore largely does not depend on these algorithms. > Those billions of lines aren't all new and shiny code written in > 2015, and some of it does have to interoperate with the outside > world. > > And here's the list gone from LibreSSL, from what I can tell: > > MD2, MDC2, RC5, SEED > > Neither have removed CAST, and there is presumably a good reason for > that. (PGP?) > > It seems to me that these can pretty safely go: > > MD2 - (The argument that someone somewhere may want to keep verifying > old MD2 signatures on self-signed certs doesn't seem like a > compelling enough reason to me. It's been disabled by default since > OpenSSL 1.0.0.) MDC2 > SEED > RC5 > > These could probably stay (C only): > > CAST > IDEA > RIPEMD (used in Bitcoin?) > WHIRLPOOL > > as well as > > BLOWFISH > MD4 > RC2 > > I am on the fence about the binary curves: I am not aware of any > usage, really, and it's not about to pick up now.
I'm afraid you're too focused on TLS/SSL use case. And while it is important it's not the only use case the OpenSSL does serve. And for what it's worth, I'm very much *for* removing as much (and as fast as possible) support for the old junk (or unused stuff - like curves < 256 bit) in TLS. Search the archives for "Insecure DEFAULT cipher set" for an example. But stuff like this: > The argument that someone somewhere may want to keep verifying > old MD2 signatures on self-signed certs is not true. I was talking about document signatures, time stamps, CRL signatures and certificate signatures in general. Not the trust anchors or their self-signatures. -- Regards, Hubert Kario Senior Quality Engineer, QE BaseOS Security team Web: www.cz.redhat.com Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
