On Mon, 15 May 2000, Jordan K. Hubbard wrote:
> > Err, well it still requires openssl, which I think is firmly rooted in the
> > crypto distribution as long as we have one.
> Is it? I thought the RSAref code being pluggable gave it some
> protection, or is merely "pluggability" also classified as crypto?
> I do recall someone saying something to that effect once...
It used to be enough.
But I'm suddenly confused what you're actually talking about
here: OpenSSH, OpenSSL, or RSAREF.
OpenSSH has never included crypto code, but it's useless without OpenSSL
which quite certainly does. OpenSSH no longer requires RSAREF to operate
(if you've got clients/servers willing to do DSA SSH2), which is the
"non-free" component I was talking about.
OTOH, if you're talking about being able to unify the freefall and
internat CVS repositories wrt OpenSSH, we could also probably do this
today as well (after you've checked and got that legal advice I've been
bugging you about :)
OTGH, what *were* you talking about? :-)
In God we Trust -- all others must submit an X.509 certificate.
-- Charles Forsythe <[EMAIL PROTECTED]>
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message