On Wed, Sep 22, 2021 at 08:54:40AM -0400, Joshua Kinard wrote: > Is there any advice on how this impacts net-misc/dropbear? That has ECC > (both ECDSA and Ed25519) support, and I use it for SGI/MIPS netboot images. > The build doesn't have any bindist uses in it, and ECC support is a > localoptions.h compile-time option (enabled by default). ECC is much faster > on old SGI hardware and generating the hostkeys at bootup takes just a > second or two, whereas RSA can take up to 10-15 seconds. So I'd like to be > able to use ECC on these platforms and distribute netboot images using them. RedHat doesn't seem to disable ECC in Dropbear: https://src.fedoraproject.org/rpms/dropbear/blob/rawhide/f/dropbear.spec
Based on what they've said for OpenSSL, I would expect that they SHOULD have disabled ECC there, but there is certainly no consistency from them. Probably nobody asked legal and just shipped dropbear anyway. If you wanted to stir the pot, you could post to the Fedora legal list and ask for consistency ;-). -- Robin Hugh Johnson Gentoo Linux: Dev, Infra Lead, Foundation Treasurer E-Mail : robb...@gentoo.org GnuPG FP : 11ACBA4F 4778E3F6 E4EDF38E B27B944E 34884E85 GnuPG FP : 7D0B3CEB E9B85B1F 825BCECF EE05E6F6 A48F6136
signature.asc
Description: PGP signature
