Status of OpenSSL 1.1 support - Thoughts

Blumenthal, Uri - 0553 - MITLL uri at ll.mit.edu
Thu Oct 19 06:38:37 AEDT 2017


Views, technologies, best practices, and threats evolve and change. 

So, regardless of what it is and how it came about, move to, e.g., opaque structures appears inevitable to me. And if LibreSSL hasn't done that yet, most likely it would have to in the long run.

Regards,
Uri

Sent from my iPhone

> On Oct 18, 2017, at 15:32, Peter Stuge <peter at stuge.se> wrote:
> 
> Blumenthal, Uri - 0553 - MITLL wrote:
>> In my opinion, a reasonable thing for OpenSSH to do would be to
>> port their code to using accessor functions, and write a shim
>> library to the “old” way (exactly as was proposed here before).
>> 
>> LibreSSL would have to do the same eventually.
> 
> It seems to be a bug that more than one project needs to do that.
> 
> 
> //Peter
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5801 bytes
Desc: not available
URL: <http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20171018/50093519/attachment.p7s>


More information about the openssh-unix-dev mailing list