Contributed by tbert on from the alas-poor-srp-we-hardly-knew-ye dept.
Hi there. I'm trying to find somebody who is actually using either Kerberos or SRP support in libssl. I'm inclined to remove support for them. While the bulk of the code sits off to the side, the integration requires adding several additional cases to some of the most critical paths.
For reference, OpenBSD hasn't ever compiled support for either of these features and I haven't seen many complaints. The code has all the hallmarks of something that somebody needed once, threw over the fence, and has been barely maintained on life support ever since. That said, we'd rather not be too hasty in deleting it because unbeknownst to us, it could be useful.
We're looking for somebody to stand up and say "Not only do I need SRP support, but I'm sufficiently invested that I'd like to help maintain it."
Note that I'm not looking for negative responses. You don't need to tell me you think it's ok to delete these features. I already think that.
Also note that I'm not really interested in rumors or whispers. You don't need to tell me that it's possible somebody else uses Kerberos. I know it's possible, that's why I'm asking. I'd like to know who.
Thanks.
If you or one of your loved ones has a need for this, speak now or resurrect the code from the attic.
(Comments are closed)
By Anonymous Coward (156.35.221.167) on
Minimalism can be considered another security paradigm.
Comments
By Anonymous Coward (24.207.52.240) on
>
> Minimalism can be considered another security paradigm.
You just did exactly what he had asked people not to do. Please read and attempt to comprehend the initial post completely before replying.
Comments
By Anonymous Coward (216.16.224.222) on
> >
> > Minimalism can be considered another security paradigm.
>
> You just did exactly what he had asked people not to do. Please read and attempt to comprehend the initial post completely before replying.
Then again, so did at least one OBSD developer on tech@
By Anonymous Coward (2.242.102.17) on
And if he had written in to tech@ with such a message, it might have been bad form, but he did no such thing.