[email protected] wrote: > Full_Name: Gabriel Gritsch > Version: 2.4.39 > OS: Mac OS X 10.9.5 > URL: ftp://ftp.openldap.org/incoming/ > Submission from: (NULL) (46.234.244.166) > > > Hi all, > > would it be possible to support Apples "Common Crypto Services" instead of > OpenSSL because the OpenSSL-functions are marked as deprecated since OS X 10.7 > and produce a lot of warnings.
If someone submits a patch for this we will of course review and consider it. But in general, it sounds like a bad idea. In light of Apple's now-infamous "goto fail" bug http://www.zdnet.com/apples-goto-fail-tells-us-nothing-good-about-cupertinos-software-delivery-process-7000027449/ it would be poor practice to migrate away from a security package that is now receiving broad and in-depth scrutiny, to one that only has Apple's assurances behind it. Also given Apple's success rate with security in general http://online.wsj.com/articles/apple-celebrity-accounts-compromised-by-very-targeted-attack-1409683803 it seems like a poor choice. -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/
