On Mon, Jul 11, 2016 at 07:48:44PM +0300, Andrey Chernov wrote:
> On 11.07.2016 19:29, Slawa Olhovchenkov wrote:
> > On Mon, Jul 11, 2016 at 11:04:33AM -0500, Mark Felder wrote:
> >> On Mon, Jul 11, 2016, at 05:29, Slawa Olhovchenkov wrote:
> >>> I.e. GOST will be available in openssl.
> >>> Under BSD-like license.
> >>> Can be this engine import in base system and enabled at time 1.1.0?
> >>> And can be GOST enabled now?
> >> I think the wrong question is being asked here. Instead we need to focus
> >> on decoupling openssl from base so this can all be handled by ports.
> > This is wrong direction with current policy.
> > ports: unsupported by FreeBSD core and securite team, no guaranted to
> > comaptible
> > between options and applications.
> > base: supported by FreeBSD core and securite team, covered by CI,
> > checked for forward and backward API and ABI compatibility.
> Ports are supported by secteam, and recently I notice "headsup" mail
> with intention to make base openssl private and switch all ports to
> security/openssl port.
I mean `support` is commit reviewing, auditing and etc.
Secteam do it for ports?
> Adding of GOST as 3rd party plugin is technically possible in both
> (base, ports) cases, the rest of decision is up to FreeBSD openssl
> maintainers and possible contributors efforts.
> I need to specially point to "patches" section of the 3rd party GOST
> plugin, from just viewing I don't understand, are those additional
> openssl patches should be applied to openssl for GOST, or they are just
> reflect existent changes in the openssl.
> freebsd-secur...@freebsd.org mailing list
> To unsubscribe, send any mail to "freebsd-security-unsubscr...@freebsd.org"
email@example.com mailing list
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"