RedHat forks OpenSSH?

Pekka Pietikainen pp at ee.oulu.fi
Tue Nov 9 08:41:42 EST 2004


On Tue, Nov 09, 2004 at 07:23:44AM +1100, Damien Miller wrote:
> the only change is deletion of files related to the experimental
> ACSS cipher. It is unclear why Redhat has chosen to do this: the 
> cipher is disabled by default and their own Cygwin product has
> shipped these same files for many months, as have many other
> Linux distributions.

Of course, the readership might be more enlightened to know what ACSS 
is.

"This library implements the Alleged Content Scrambling System.  It is
believed
to be interoperable with CSS of the DVD Copy Control Association.

ACSS is a stream cipher with a fixed key length of 40 bit (5 byte).

ACSS consists of a key setup phase and the actual encryption or decryption
phase."

Apart from the potential legal issues (even if are just some litigious
bastards suing people for fun/profit instead of real ones) surrounding
said algorithms, isn't it OpenBSD policy (dunno about openssh) to not ship
known broken crypto algorithms at all?

-- 
Pekka Pietikainen




More information about the openssh-unix-dev mailing list