Re: [osol-discuss] Crypto status
On Mon, 2005-11-07 at 17:24, Mike Kupfer wrote: So people who want to use crypto will want to use the signed binaries that are provided in the closed-bins tarball. Or if you are a distro builder you can #ifdef out the checking code in krtld and libpkcs11, they you won't need it. That will also mean you won't need elfsign/libelfsign/kcfd from the closed bins. Kcfd does have another use but you can live without it in almost all cases - certainly all single CPU cases and the only difference in multiple CPU cases is a potential drop in performance under very heavy crypto load. -- Darren J Moffat ___ opensolaris-discuss mailing list opensolaris-discuss@opensolaris.org
Re: [osol-discuss] Crypto status
Stephen Lau [EMAIL PROTECTED] wrote: Hi Joerg, I believe all the crypto code should be open now... unless there's something I missed? Thank you, but what is e.g. with programs like /usr/bin/des? Jörg -- EMail:[EMAIL PROTECTED] (home) Jörg Schilling D-13353 Berlin [EMAIL PROTECTED](uni) [EMAIL PROTECTED](work) Blog: http://schily.blogspot.com/ URL: http://cdrecord.berlios.de/old/private/ ftp://ftp.berlios.de/pub/schily ___ opensolaris-discuss mailing list opensolaris-discuss@opensolaris.org
Re: [osol-discuss] Crypto status
Joerg Schilling wrote: Stephen Lau [EMAIL PROTECTED] wrote: Hi Joerg, I believe all the crypto code should be open now... unless there's something I missed? Thank you, but what is e.g. with programs like /usr/bin/des? Jörg Hi Jörg, Sorry, I'm not sure what you mean? /usr/bin/des should be in the open source code (usr/src/cmd/des). cheers, steve -- stephen lau // [EMAIL PROTECTED] | 650.786.0845 | http://whacked.net opensolaris // solaris kernel development ___ opensolaris-discuss mailing list opensolaris-discuss@opensolaris.org
Re: [osol-discuss] Crypto status
Stephen Lau [EMAIL PROTECTED] wrote: Sorry, I'm not sure what you mean? /usr/bin/des should be in the open source code (usr/src/cmd/des). Sorry for the confusion, I checked the path on a too old system ,-) Jörg -- EMail:[EMAIL PROTECTED] (home) Jörg Schilling D-13353 Berlin [EMAIL PROTECTED](uni) [EMAIL PROTECTED](work) Blog: http://schily.blogspot.com/ URL: http://cdrecord.berlios.de/old/private/ ftp://ftp.berlios.de/pub/schily ___ opensolaris-discuss mailing list opensolaris-discuss@opensolaris.org
Re: [osol-discuss] Crypto status
Jörg Hi, I am not sure about the current OpenSolaris crypto status. Is Jörg all crypto code now included with the OpenSolaris sources? Would I Jörg currently need to download special crypto sources or binaries from Jörg somewhere else? Steve I believe all the crypto code should be open now... unless Steve there's something I missed? The source is available, but whether it's useful to compile it is another issue. OpenSolaris builds will not be able to sign the binaries in a way that will let them run. Darren discusses this a bit (including his plans for a fix) in http://www.opensolaris.org/os/community/security/projects/ef/sunwcry/. So people who want to use crypto will want to use the signed binaries that are provided in the closed-bins tarball. mike ___ opensolaris-discuss mailing list opensolaris-discuss@opensolaris.org
[osol-discuss] Crypto status
Hi, I am not sure about the current OpenSolaris crypto status. Is all crypto code now included with the OpenSolaris sources? Would I currently need to download special crypto sources or binaries from somewhere else? Jörg -- EMail:[EMAIL PROTECTED] (home) Jörg Schilling D-13353 Berlin [EMAIL PROTECTED](uni) [EMAIL PROTECTED](work) Blog: http://schily.blogspot.com/ URL: http://cdrecord.berlios.de/old/private/ ftp://ftp.berlios.de/pub/schily ___ opensolaris-discuss mailing list opensolaris-discuss@opensolaris.org
