Re: [openssl-dev] [openssl-users] Removing obsolete crypto from OpenSSL 1.1 - seeking feedback

Sorry to revive this old thread, I did not see any recent updates. If there are - please point me that way, and apologies in advance. I saw a reference to SunOS libc compatibility issues, implying we never remove functionality. I want to be clear - we do. We do it by giving our customers

Re: [openssl-dev] [openssl-users] Removing obsolete crypto from OpenSSL 1.1 - seeking feedback

To close off this thread: OpenSSL will not be making any changes. The team voted on moving a set of algorithms to maintenance mode, and removing the corresponding assembly implementations from libcrypto, but the vote did not pass. Emilia On Fri, Nov 27, 2015 at 10:19 AM, Tim Hudson

Re: [openssl-dev] [openssl-users] Removing obsolete crypto from OpenSSL 1.1 - seeking feedback

On Friday 20 November 2015 12:58:59 John Denker wrote: > On 11/19/2015 12:28 PM, Viktor Dukhovni wrote: > > What algorithms people use on > > their own data is their choice and risk decision not ours. > > To say the same thing yet another way, fundamentally we have a > communication problem, or

Re: [openssl-dev] [openssl-users] Removing obsolete crypto from OpenSSL 1.1 - seeking feedback

t; <openssl-dev@openssl.org<mailto:openssl-dev@openssl.org>> From: "Short, Todd" Sent by: "openssl-dev" Date: 11/21/2015 08:28AM Cc: "openssl-us...@openssl.org<mailto:openssl-us...@openssl.org>" <openssl-us...@openssl.org<mailto:openssl-us..

Re: [openssl-dev] [openssl-users] Removing obsolete crypto from OpenSSL 1.1 - seeking feedback

On 11/19/2015 12:28 PM, Viktor Dukhovni wrote: > What algorithms people use on > their own data is their choice and risk decision not ours. I heartily agree with the sentiment. A low- or mid-level library is not the right place to be making and enshrining policy decisions. We can take yet

Re: [openssl-dev] [openssl-users] Removing obsolete crypto from OpenSSL 1.1 - seeking feedback

...@openssl.org" <openssl-us...@openssl.org>Subject: Re: [openssl-dev] [openssl-users] Removing obsolete crypto from OpenSSL 1.1 - seeking feedback While I am all for simplicity, I also think that removing functionality is a “bad idea”. To reduce the support burden, deprecate the ciph

Re: [openssl-dev] [openssl-users] Removing obsolete crypto from OpenSSL 1.1 - seeking feedback

On Čt, 2015-11-19 at 02:12 +, Viktor Dukhovni wrote: > On Wed, Nov 18, 2015 at 02:34:41PM -0600, Benjamin Kaduk wrote: > > > > No, of course not. But after letting people depend on this “single > > > cryptographic library” for many years, telling them “too bad” isn’t very > > > nice. > > > >

Re: [openssl-dev] [openssl-users] Removing obsolete crypto from OpenSSL 1.1 - seeking feedback

On Thu, Nov 19, 2015 at 11:01:26AM +0100, Tomas Mraz wrote: > 3. remove the respective EVP_add_cipher(), EVP_add_digest(),... from the > OpenSSL_add* functions so the users have to explicitly add these to use > them automatically. This does not work. Often the code that calls

Re: [openssl-dev] [openssl-users] Removing obsolete crypto from OpenSSL 1.1 - seeking feedback

On Thu, Nov 19, 2015 at 05:07:38PM +, Richard Moore wrote: >​Yes, but a several people (including me) disagree with you. And one of the > options that has been suggested is to keep the code but have it disabled by > default. Note, we're talking about "disabled" as opposed to "not compiled".

Re: [openssl-dev] [openssl-users] Removing obsolete crypto from OpenSSL 1.1 - seeking feedback

On 19 November 2015 at 19:28, Viktor Dukhovni wrote: > On Thu, Nov 19, 2015 at 05:07:38PM +, Richard Moore wrote: > > >​Yes, but a several people (including me) disagree with you. And one of > the > > options that has been suggested is to keep the code but have it

Re: [openssl-dev] [openssl-users] Removing obsolete crypto from OpenSSL 1.1 - seeking feedback

On 11/19/15, 5:01 , "openssl-dev on behalf of Tomas Mraz" wrote: >On Čt, 2015-11-19 at 02:12 +, Viktor Dukhovni wrote: >> On Wed, Nov 18, 2015 at 02:34:41PM -0600, Benjamin Kaduk wrote: >> >>> I guess I'm just having a hard time

Re: [openssl-dev] [openssl-users] Removing obsolete crypto from OpenSSL 1.1 - seeking feedback

On Wednesday 18 November 2015 14:34:41 Benjamin Kaduk wrote: > On 11/18/2015 12:52 PM, Blumenthal, Uri - 0553 - MITLL wrote: > > On 11/18/15, 12:12 , "openssl-dev on behalf of Benjamin Kaduk" > > > > wrote: > >> On 11/18/2015 07:05

Re: [openssl-dev] [openssl-users] Removing obsolete crypto from OpenSSL 1.1 - seeking feedback

On 19 November 2015 at 16:56, Blumenthal, Uri - 0553 - MITLL wrote: > ​Heh. I actually tested building all releases of openssl after 0.9.7 a few > months back - several refuse to build with the default options on 64 bit. > In addition my experience shows that compilers get

Re: [openssl-dev] [openssl-users] Removing obsolete crypto from OpenSSL 1.1 - seeking feedback

>> I did not say “no maintenance costs”. I said that I concur that the >> maintenance costs for such code would be minimal, which usually it is. >> >> I’m against “disabling by default”. Removing access to such code from libssl >> is OK, and the correct thing to do from the security point of

Re: [openssl-dev] [openssl-users] Removing obsolete crypto from OpenSSL 1.1 - seeking feedback

On 11/18/2015 07:05 AM, Hubert Kario wrote: > So, a full CAdES-A, XAdES-A or PAdES-A implementation _needs_ to support > both relatively modern TLS with user certificates, preferably the newest > cryptosystems and hashes as well as the oldest ones that were > standardised and used. > > That

Re: [openssl-dev] [openssl-users] Removing obsolete crypto from OpenSSL 1.1 - seeking feedback

On 11/18/15, 12:12 , "openssl-dev on behalf of Benjamin Kaduk" wrote: >On 11/18/2015 07:05 AM, Hubert Kario wrote: >> So, a full CAdES-A, XAdES-A or PAdES-A implementation _needs_ to >>support >> both relatively modern TLS with

Re: [openssl-dev] [openssl-users] Removing obsolete crypto from OpenSSL 1.1 - seeking feedback

On Wednesday 18 November 2015 11:12:59 Benjamin Kaduk wrote: > On 11/18/2015 07:05 AM, Hubert Kario wrote: > > So, a full CAdES-A, XAdES-A or PAdES-A implementation _needs_ to > > support both relatively modern TLS with user certificates, > > preferably the newest cryptosystems and hashes as well

Re: [openssl-dev] [openssl-users] Removing obsolete crypto from OpenSSL 1.1 - seeking feedback

On Wed, Nov 18, 2015 at 02:34:41PM -0600, Benjamin Kaduk wrote: > > No, of course not. But after letting people depend on this “single > > cryptographic library” for many years, telling them “too bad” isn’t very > > nice. > > I guess I'm just having a hard time wrapping my head around why, upon

Re: [openssl-dev] [openssl-users] Removing obsolete crypto from OpenSSL 1.1 - seeking feedback

On Tue, Nov 17, 2015 at 11:12 AM, Jeffrey Walton wrote: > > MD2 - (The argument that someone somewhere may want to keep verifying old > > MD2 signatures on self-signed certs doesn't seem like a compelling enough > > reason to me. It's been disabled by default since OpenSSL

Re: [openssl-dev] [openssl-users] Removing obsolete crypto from OpenSSL 1.1 - seeking feedback

On Tue, Nov 17, 2015 at 7:21 AM, Emilia Käsper wrote: > > > On Tue, Nov 17, 2015 at 11:12 AM, Jeffrey Walton wrote: >> >> > MD2 - (The argument that someone somewhere may want to keep verifying >> > old >> > MD2 signatures on self-signed certs doesn't seem

Re: [openssl-dev] [openssl-users] Removing obsolete crypto from OpenSSL 1.1 - seeking feedback

> MD2 - (The argument that someone somewhere may want to keep verifying old > MD2 signatures on self-signed certs doesn't seem like a compelling enough > reason to me. It's been disabled by default since OpenSSL 1.0.0.) > ... Apple still provides two Verisign certificates using

Re: [openssl-dev] [openssl-users] Removing obsolete crypto from OpenSSL 1.1 - seeking feedback

On 11/17/2015 12:00 PM, Jeffrey Walton wrote: > > > Also, if OpenSSL requires iOS 9 or above, then its setting policy for users. In some sense, yes. But it has always done so -- OpenSSL only supports certain platforms, and certain versions of certain platforms. There are prerequisites to being

Re: [openssl-dev] [openssl-users] Removing obsolete crypto from OpenSSL 1.1 - seeking feedback

On Mon, Nov 16, 2015 at 04:51:10PM +0100, Emilia Käsper wrote: > As for specific deprecation strategies: > - Don't forget that all applications will have to recompile against 1.1. The EVP_get_cipherbyname() and EVP_get_digestbyname() interfaces remain, so nothing changes at compile-time. Most

Re: [openssl-dev] [openssl-users] Removing obsolete crypto from OpenSSL 1.1 - seeking feedback

On 11/13/2015 09:31 AM, Jakob Bohm wrote: > On 13/11/2015 14:40, Emilia Käsper wrote: >> Hi all, >> >> We are considering removing from OpenSSL 1.1 known broken or outdated >> cryptographic primitives. As you may know the forks have already done >> this but I'd like to seek careful feedback for

Re: [openssl-dev] [openssl-users] Removing obsolete crypto from OpenSSL 1.1 - seeking feedback

On Fri, Nov 13, 2015, Benjamin Kaduk wrote: > > As another thread calls to mind, PKCS#12 could potentially just use > triple-DES. (BTW, the CMS tests fail when openssl is configured with > no-rc2, due to this; I have a WIP patch sitting around.) > The issue is that some cuurent software

Re: [openssl-dev] [openssl-users] Removing obsolete crypto from OpenSSL 1.1 - seeking feedback

> ALL BINARY ELLIPTIC CURVES This one may be premature. I understand the TLS WG is moving against it. However, I am aware of implementations of Shoup's ECIES, and they, in turn, depend on OpenSSL. I don't know if the ECIES implementations rely solely on prime fields or not, however. > BLOWFISH