Re: [openssl-users] Old "RSA_NET" key format

2015-07-10 Thread Michael Wojcik
> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf
> Of Salz, Rich
> Sent: Thursday, July 09, 2015 15:29
> To: openssl-users@openssl.org
> Subject: Re: [openssl-users] Old "RSA_NET" key format
>
> > Because both methods confirm y

Re: [openssl-users] Old "RSA_NET" key format

2015-07-09 Thread Salz, Rich
> Because both methods confirm your prior decisions, you therefore conclude
> that you were always right in the first place.

Provably wrong. I wanted to get rid of Netware support as the first example that comes to mind. As the second, I want to move all uses of RC4 and MD5 to LOW strength ci

Re: [openssl-users] Old "RSA_NET" key format

2015-07-09 Thread Jakob Bohm
On 09/07/2015 23:09, Salz, Rich wrote: OpenSSL is a critical part of security in too many places for us to take on any unnecessary technical debt. This is a somewhat empty argument as long as no one bothers to properly determine if a piece of code is a debt or an asset. I claim that we are b

Re: [openssl-users] Old "RSA_NET" key format

2015-07-09 Thread Salz, Rich
>> OpenSSL is a critical part of security in too many places for us to take on
>> any unnecessary technical debt.

>>This is a somewhat empty argument as long as no one bothers to properly
>>determine if a piece of code is a debt or an asset.

I claim that we are being careful and doing the prop

Re: [openssl-users] Old "RSA_NET" key format

2015-07-09 Thread Jakob Bohm
On 09/07/2015 21:52, Karl Vogel wrote: On 08/07/2015 20:23, Salz, Rich wrote: > 1. Is there any good reason to remove this code? R> Yes. If it's not tested, reviewed, or in general use, then it's R> more likely to be harmful (source of bugs) than useful. On Wed, 08 Jul 2015 20:47:43 +0200

Re: [openssl-users] Old "RSA_NET" key format

2015-07-09 Thread Karl Vogel
>> On 08/07/2015 20:23, Salz, Rich wrote: > 1. Is there any good reason to remove this code? R> Yes. If it's not tested, reviewed, or in general use, then it's R> more likely to be harmful (source of bugs) than useful. >> On Wed, 08 Jul 2015 20:47:43 +0200, Jakob Bohm replied: J> That's an ov

Re: [openssl-users] Old "RSA_NET" key format

2015-07-08 Thread Salz, Rich
> That's an overly general criteria, and may be the source of your mysterious
> marauding of the APIs.

Well there was no intent to be mysterious although I like the alliteration. We did mention it in the roadmap (https://openssl.org/about/roadmap.html). Things are evaluated on a case-by-case

Re: [openssl-users] Old "RSA_NET" key format

2015-07-08 Thread Jakob Bohm
On 08/07/2015 20:23, Salz, Rich wrote: 1. Is there any good reason to remove this code? Yes. If it's not tested, reviewed, or in general use, then it's more likely to be harmful (source of bugs) than useful. That's an overly general criteria, and may be the source of your mysterious marauding

Re: [openssl-users] Old "RSA_NET" key format

2015-07-08 Thread Dr. Stephen Henson
On Wed, Jul 08, 2015, Jakob Bohm wrote:

>
> 2. Is this the OpenSSL name for the private key format
> used by older Microsoft Authenticate tools (and thus
> sometimes converted to/from PKCS#12 when switching
> tool chains)?
>

AFAIK they only use "PVK" format.

Steve.
--
Dr Stephen N. Henso

Re: [openssl-users] Old "RSA_NET" key format

2015-07-08 Thread Salz, Rich
> 1. Is there any good reason to remove this code?

Yes. If it's not tested, reviewed, or in general use, then it's more likely to be harmful (source of bugs) than useful.

> 2. Is this the OpenSSL name for the private key format
> used by older Microsoft Authenticate tools (and thus
> some

Re: [openssl-users] Old "RSA_NET" key format

2015-07-08 Thread Jakob Bohm
On 02/07/2015 14:35, Salz, Rich wrote: We are thinking about removing the old “RSA_NET” format for private keys. This is used by very old Netscape and IIS. This would remove the d2i/i2d RSA_NET API’s, and the “nss” format flag from the openssl program. It would not remove the SPKI stuff.

[openssl-users] Old "RSA_NET" key format

2015-07-02 Thread Salz, Rich
We are thinking about removing the old "RSA_NET" format for private keys. This is used by very old Netscape and IIS. This would remove the d2i/i2d RSA_NET API's, and the "nss" format flag from the openssl program. It would not remove the SPKI stuff. If this would cause a problem for you, please