2014-12-11 15:40 GMT+03:00 Stuart Henderson <[email protected]>: > On 2014/12/11 16:08, Dmitry Eremin-Solenikov wrote: >> Hello, >> >> For the historic reasons there is a significant amount of duplicated >> functionality. >> For example one can use openssl rsa/dsa/ec to create/modify private/public >> keys >> or it's possible to just use a generic openssl genpkey/pkey interface. I'd >> like >> to suggest to clean up the first set of commands in favour of a >> generic implementation. >> >> What do you think? > > The "old" interfaces are still very widely used, both in text > (books/guides/documentation) on handling keys, and directly used in > programs (to pick a couple: ikectl, easyrsa) > > I dislike having two separate implementations in code that do basically > the same thing so perhaps they could be consolidated somehow, but > think the old command-line options would need to set things up to > call common code and work as before; removing them will cause > widespread difficulty.
Should LibreSSL start the process of deprecating them? Add a warning, start updating users and docs? -- With best wishes Dmitry
