On Tue, Jul 06, 2021 at 02:11:21PM -0400, Michael Stone wrote: [...]
> It's entirely too common for obsolete encryption options that are > kept for "compatibility" end up being a vector for compromise, and > entirely reasonable to remove such options in order to provide the > most secure and maintainable tool for the vast majority of users. That's the attitude of authoritarian software: "my software is smarter than you". The authors are free to hold that position, but so am I to utterly dislike it. > If you want ancient crypto options, just run an ancient binary. > They're very easy to find in archive.debian.org. They're not as easy to run as soon as they start being outrun by their dependencie's versions, and you perfectly know that. > Of course, the real answer is to not purchase products with "secure" > management that can't be upgraded when it becomes "insecure" > management. See above. To me, this is a dangerous antipattern. Cheers - t
signature.asc
Description: Digital signature