From: Jeffrey Altman <[EMAIL PROTECTED]>
jaltman> I believe the rational was that if a string or symbol existed
jaltman> in the binary that contained the name of a prohibited
jaltman> algorithm then it would be that much harder to convince
jaltman> someone non-technical that the algorithm was not in fact
jaltman> being used.
Hmm, good point...
jaltman> The other reason for doing it the way it is currently done is
jaltman> to protect against the "crypto-with-a-hole" argument. If
jaltman> some countries will only approve the export of a software
jaltman> product with a specific set of algorithms at specific
jaltman> strengths, then they may refuse to export the software if it
jaltman> allows a hardware (or simulated) device to be plugged in that
jaltman> provides stronger or different algorithms.
In that case, it makes more sense to disable the ENGINE code
completely, doesn't it? Otherwise, there's no way to prove that any
part of the crypto device won't be used, especially to a non-tech
person.
>From a technical point of view, this will create a lot of difficulties
around ENGINEs, I believe, especially since the use of them is become
more dynamic with time...
jaltman> Only the first case has anything to do with the patent issue.
Hence "and other stuff like that" :-).
--
Richard Levitte \ Spannv�gen 38, II \ [EMAIL PROTECTED]
Chairman@Stacken \ S-168 35 BROMMA \ T: +46-8-26 52 47
Redakteur@Stacken \ SWEDEN \ or +46-709-50 36 10
Procurator Odiosus Ex Infernis -- [EMAIL PROTECTED]
Member of the OpenSSL development team: http://www.openssl.org/
Software Engineer, Celo Communications: http://www.celocom.com/
Unsolicited commercial email is subject to an archival fee of $400.
See <http://www.stacken.kth.se/~levitte/mail/> for more info.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
