Subject: Re: [9front] obsolete cryptographic algorithms
Date: Sat, 04 Jun 2022 10:47:28 -0400 [thread overview]
Message-ID: <8DCF165E26E87FA681256EFA7DDFDE8E@eigenstate.org> (raw)
Quoth sml <email@example.com>:
> In the list I keep reading about different cleanups, which I greatly appreciate and I'm wondering whether the deprecated crypto algorithms and protocols can be cleaned out as well, or if there is a specific reason to hold on to them. I think if you use very weak crypto, you can do without it directly.
Protocols still use them.
For example, grepping for md5 in /sys/src/cmd/auth,
it's used in:
- HTTPDIGEST (RFC2517)
- SecurID RADIUS
- CRAM digests
- Secstore MAC
Of these, it seems that the only one we fully control
is the secstore protocol -- patches welcome, though
it may be better to kill secstore entirely.
For the others: what external software implements them,
and what other protocols are supported?
To remove them, someone is going to need to go through
protocol by protocol and implement updates, or show that
they are unused.
next prev parent reply other threads:[~2022-06-04 14:49 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-06-04 7:13 sml
2022-06-04 14:47 ` ori [this message]
2022-06-04 15:26 ` mkf9
2022-06-04 15:32 ` ori
2022-06-04 15:36 ` ori
2022-06-04 16:07 ` Stanley Lieber
2022-06-04 16:12 ` ori
2022-09-27 20:10 ` Michael Forney
2022-09-27 20:11 ` hiro
2022-09-27 20:31 ` Michael Forney
2022-09-27 21:40 ` hiro
2022-09-27 22:26 ` ori
2022-09-28 6:41 ` hiro
2022-09-29 5:01 ` ori
2022-09-29 6:17 ` unobe
2022-09-29 6:30 ` unobe
2022-09-29 8:53 ` hiro
2022-10-02 18:23 ` [9front] " magma698hfsp273p9f
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).