On 25/06/15 21:58, Viktor Dukhovni wrote: > On Thu, Jun 25, 2015 at 10:48:08PM +0200, Kurt Roeckx wrote: > >> On Thu, Jun 25, 2015 at 11:36:58PM +0300, Dmitry Belyavsky wrote: >>> >>> BTW, what does the OpenSSL Team plan regarding the GOST engine? >> >> I think some of us want to get rid of it, because it's rather >> crappy code. > > I think that if GOST is really going to be a supported set of > algorithms, then it should not be an engine, and should be integrated > properly, with robust well written and carefully reviewed code. > > The current engine is IMHO not a good long-term vehicle for providing > GOST support to OpenSSL users. >
I don't see GOST being integrated as a first class citizen in the near future unless a member of the dev team volunteers to own it. So far I've not seen any evidence of that happening (although to be fair I've not asked the question until now!). In the absence of such an owner stepping forward, my preferred solution is to spin GOST out as a separately maintained engine - if we could find someone willing to take it on. Of course there's nothing to stop us doing both, i.e. in the short term spin it out as a separate engine whilst looking towards a longer term plan of integrating it as a first class citizen. Matt _______________________________________________ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
