9front - general discussion about 9front
 help / color / mirror / Atom feed
From: ori@eigenstate.org
To: 9front@9front.org
Subject: Re: [9front] obsolete cryptographic algorithms
Date: Sat, 04 Jun 2022 10:47:28 -0400	[thread overview]
Message-ID: <8DCF165E26E87FA681256EFA7DDFDE8E@eigenstate.org> (raw)
In-Reply-To: <B7BDF2AE-D1D7-4716-B76C-91A8FEF6C1FC@firstpost.pub>

Quoth sml <sml@firstpost.pub>:
> 
> In the list I keep reading about different cleanups, which I greatly appreciate and I'm wondering whether the deprecated crypto algorithms and protocols can be cleaned out as well, or if there is a specific reason to hold on to them. I think if you use very weak crypto, you can do without it directly.

Protocols still use them.

For example, grepping for md5 in /sys/src/cmd/auth,
it's used in:

	- HTTPDIGEST (RFC2517)
	- SecurID RADIUS
	- CRAM digests
	- Secstore MAC

Of these, it seems that the only one we fully control
is the secstore protocol -- patches welcome, though
it may be better to kill secstore entirely.

For the others: what external software implements them,
and what other protocols are supported?

To remove them, someone is going to need to go through
protocol by protocol and implement updates, or show that
they are unused.


  reply	other threads:[~2022-06-04 14:49 UTC|newest]

Thread overview: 7+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-06-04  7:13 sml
2022-06-04 14:47 ` ori [this message]
2022-06-04 15:26   ` mkf9
2022-06-04 15:32     ` ori
2022-06-04 15:36       ` ori
2022-06-04 16:07         ` Stanley Lieber
2022-06-04 16:12           ` ori

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=8DCF165E26E87FA681256EFA7DDFDE8E@eigenstate.org \
    --to=ori@eigenstate.org \
    --cc=9front@9front.org \
    --subject='Re: [9front] obsolete cryptographic algorithms' \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).