From owner-freebsd-bugs  Mon Jul 16 11: 0:16 2001
Delivered-To: freebsd-bugs@hub.freebsd.org
Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21])
	by hub.freebsd.org (Postfix) with ESMTP id D1CDA37B409
	for <freebsd-bugs@hub.freebsd.org>; Mon, 16 Jul 2001 11:00:02 -0700 (PDT)
	(envelope-from gnats@FreeBSD.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.11.4/8.11.4) id f6GI02E30753;
	Mon, 16 Jul 2001 11:00:02 -0700 (PDT)
	(envelope-from gnats)
Date: Mon, 16 Jul 2001 11:00:02 -0700 (PDT)
Message-Id: <200107161800.f6GI02E30753@freefall.freebsd.org>
To: freebsd-bugs@FreeBSD.org
Cc: 
From: Anders Nordby <anders@fix.no>
Subject: Re: bin/28988: We need more simple message digesting tools
Reply-To: Anders Nordby <anders@fix.no>
Sender: owner-freebsd-bugs@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-bugs.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-bugs>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-bugs>
X-Loop: FreeBSD.org

The following reply was made to PR bin/28988; it has been noted by GNATS.

From: Anders Nordby <anders@fix.no>
To: Dima Dorfman <dima@unixfreak.org>
Cc: FreeBSD-gnats-submit@freebsd.org
Subject: Re: bin/28988: We need more simple message digesting tools
Date: Mon, 16 Jul 2001 19:57:13 +0200

 On Sun, Jul 15, 2001 at 05:26:22AM -0700, Dima Dorfman wrote:
 >> Yes, I know openssl dgst -whatnot can do this. But the md5 program is heavily
 >> used, and thereby I think we should have sha1 and rmd160 too.
 > Used by whom, and why aren't they using openssl(1)?
 
 MD5 checksums are quite heavily used in FreeBSD, and AFAIK most people
 use the md5 program for generating MD5 fingerprints of files. At least,
 I do, and I haven't heard about anyone using openssl(1) for it in
 FreeBSD until recently. :-)
 
 > The latter is more portable and more up-to-date.
 
 More portable? md5(1) is just a frontend for libmd. If I make md5(1) use
 libcrypto instead, would that be better? And speaking of up-to-date,
 libmd must be the real issue here. It's the library that provides the
 actual message-digest fingerprinting code, and is based on SSLeay. We
 shouldn't be dragging old SSLeay code around when we have OpenSSL in the
 base system.
 
 > I think md5(1) should
 > be removed in favor of OpenSSL; certainly we shouldn't be adding new 
 > functionality to it to encourage its use. The only thing in the way of
 > replacng md5(1) with oppenssl(1) completely is that openssl(1)'s
 > output is a little different with regards to spacing.
 
 I don't see why we need to remove md5(1). It can be improved, and it's
 already an easy to use tool which can support rmd160 and sha1 too.
 
 Regards,
 
 -- 
 Anders.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message