Kevin Scaldeferri wrote:
My understanding is that inclusion on the Phalanx 100 doesn't constitute
any sort of endorsement of the modules. It's hopefully a statement that
the module is widely used, but not a judgment on whether it ought to be.
They are not endorsed, but they are considered "important". And it's
human nature to pay attention to top ten (or top 100) lists. Some people
will take it as an endorsement, no matter how much you tell them not to.
People drowning in seas of modules will clutch at anything if it looks
like it floats.
I would suggest that you make these reservations you expressed above
clear in the perldoc of the module. (Maybe it already it; I didn't check.)
Beyond that, though, the Phalanx project has always stated that they
want to work with authors, not against them, so if you want to remove
your module from the project it's absolutely your prerogative. However,
perhaps I and others can convince you that there is value in
participating. (I.e., even if the module is slow and cryptographically
weak, it seems to be widely used so there is an argument for ensuring it
works as well as it can within the bounds of what it tries to do.)
Yes, but which is the cause, and which is the effect?
I can't think of any reason for using a slow and cryptographically weak
cypher. Unless I had to write some interopable glue to legacy software
that used DES -- but by then I would know what to start searching for.
But what if I wanted to create a system from scratch? Reducing the
visibility of Crypto::DES will give the other symmetric cyphers a better
chance gaining mindshare.
David