On 07.08.2016 17:40, Warner Losh wrote: > >> On Aug 7, 2016, at 7:21 AM, Andrey Chernov <a...@freebsd.org> wrote: >>> >>>> We can't turn our security >>>> team into compatibility team, by constantly restoring removed code, such >>>> code quickly becomes outdated and may add new security holes even being >>>> inactive. >>> >>> What is security hole by present this ciphers in _client_? >> >> It is obvious, but it will be better for you to ask openssh author about >> his decisions, I have no intention to act like explainer of his action. > > That’s a cop-out answer. We, as a project, need to articulate to our > users, whom we care about, why this rather obnoxious hit to usability > was taken. The answer must be more complete than “We just disabled > it because upstream disabled it for reasons we’re too lazy to explain > or document how to work around"
Maybe I am too lazy, but in this particular case I prefer explanation from the author rather then my own explanations. In general my guessing of author intentions related to compatibility case can be not correct enough, so I don't want anybody relay on it. I.e. I don't want to mislead anybody. _______________________________________________ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
