Could the people who work with distros confirm this default choice or suggest what they use please?
Thanks, Pauli -- Dr Paul Dale | Distinguished Architect | Cryptographic Foundations Phone +61 7 3031 7217 Oracle Australia > On 18 Jan 2020, at 10:05 am, Dr Paul Dale <paul.d...@oracle.com> wrote: > > I’ve made the deprecation changes to the password application. > > The default has been changed from crypt to the BSD MD5 algorithm. > > Pauli > -- > Dr Paul Dale | Distinguished Architect | Cryptographic Foundations > Phone +61 7 3031 7217 > Oracle Australia > > > > >> On 18 Jan 2020, at 9:27 am, Dr Paul Dale <paul.d...@oracle.com >> <mailto:paul.d...@oracle.com>> wrote: >> >> Okay, it looks like the consensus is option 3 — deprecate and forget. >> >> As far as I can tell, they are only used (by us) in one place outside of >> libcrypto, so that will deprecate as well. >> >> >> Pauli >> -- >> Dr Paul Dale | Distinguished Architect | Cryptographic Foundations >> Phone +61 7 3031 7217 >> Oracle Australia >> >> >> >> >>> On 18 Jan 2020, at 6:53 am, Richard Levitte <levi...@openssl.org >>> <mailto:levi...@openssl.org>> wrote: >>> >>> Right. Such a KDF could be implemented elsewhere, as a separate project. >>> >>> Cheers >>> Richard >>> >>> >>> Kurt Roeckx <k...@roeckx.be <mailto:k...@roeckx.be>> skrev: (17 januari >>> 2020 21:35:00 CET) >>>> On Fri, Jan 17, 2020 at 04:31:06PM +1000, Dr Paul Dale wrote: >>>>> I’ve got several choices: >>>>> Leave them public and unchanged — that is, don’t deprecate these two >>>> functions yet. >>>>> Deprecate them and add KDFs to replace them. >>>>> Deprecate them, leave them alone and hope they go away painlessly at >>>> some point. >>>> >>>> I really see no point in adding something that we at the same time >>>> would like to remove. Just deprecate it. >>>> >>>> >>>> Kurt >>> >>> -- >>> Richard by mobile >> >
