Abhijit Menon-Sen wrote: > P.S. I don't know why the SRP code was removed from LibreSSL; nor am I > sure how seriously to take that. It's possible that it's only because > it's (still) rather obscure.
As I recall, the working principle of the LibreSSL guys is to remove everything that can't be understood quickly, to reduce the code base to the minimum required to support the basic features they want, and still be sure that there are little or no security holes. In a later stage their intention is to re-add interesting features as they have time to audit the code. -- Álvaro Herrera http://www.2ndQuadrant.com/ PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
