Lewis McCarthy wrote:
>
> Hi,
>
> Evan Carew wrote re: MD4:
> > Because if it is bundled into a standard package such as this you can
> > ship source or executable code designed to link to it that will do
> > things like crack open NT boxes that still use it. Recently, while at
> > a major bank in the US Midwest, I had occasion to need a way to get
> > into an NT domain as the administrator to fix some problems the
> > certified MS Winsowz weenies had gotten themselves into.
> [...]
>
> It sounds like you're talking about using MD4 as part of something
> else, not as part of SSL or TLS. I see OpenSSL as an SSL/TLS
> library, not as a generic crypto library or a general purpose
> library. (There's no shortage of free libraries in those latter
> categories.) Putting stuff into OpenSSL that no-one's gonna use for
> doing SSL/TLS stuff strikes me as wasteful. Sure, it's possible to
> toss in everything but the kitchen sink, but do we really need to
> reinvent PERL?
>
> If there's a rumor of somebody somewhere running SSL or TLS with
> some funky MD4-based ciphersuite, then that's a different story.
>
Well I see OpenSSL as a generic crypto library, an ASN1 library, SSL/TLS
and a few other things besides. There are lots of things in OpenSSL that
aren't just SSL/TLS related.
Other algorithms already exist such as blowfish, cast, RC5 etc.
There is also lots of additional functionality such as S/MIME, CA
services and so on.
Steve.
--
Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/
Personal Email: [EMAIL PROTECTED]
Senior crypto engineer, Celo Communications: http://www.celocom.com/
Core developer of the OpenSSL project: http://www.openssl.org/
Business Email: [EMAIL PROTECTED] PGP key: via homepage.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]