Skip site navigation (1)Skip section navigation (2)
Date:      Sun, 7 Aug 2016 22:56:37 +0300
From:      Slawa Olhovchenkov <slw@zxy.spb.ru>
To:        Andrey Chernov <ache@freebsd.org>
Cc:        src-committers@freebsd.org, svn-src-all@freebsd.org, Oliver Pinter <oliver.pinter@hardenedbsd.org>, Bruce Simpson <bms@fastmail.net>, Warner Losh <wlosh@bsdimp.com>, svn-src-head@freebsd.org, Dag-Erling =?utf-8?B?U23DuHJncmF2?= <des@freebsd.org>
Subject:   Re: svn commit: r303716 - head/crypto/openssh
Message-ID:  <20160807195637.GX8192@zxy.spb.ru>
In-Reply-To: <0cb2bd75-3086-fb72-c902-a05354536fc4@freebsd.org>
References:  <0740b662-4a36-f834-229a-d16a5a6dde14@freebsd.org> <20160807173734.GD22212@zxy.spb.ru> <2dd7e952-ca28-57cb-ac8a-39d895b51d06@freebsd.org> <e43e43f2-4043-847f-f1d8-f791e2d8b91d@freebsd.org> <20160807182317.GE22212@zxy.spb.ru> <b335d3fb-5cea-4498-ec6e-fedf581d0cbe@freebsd.org> <20160807185237.GV8192@zxy.spb.ru> <f630354c-f555-a997-bea8-c9c51b150ccc@freebsd.org> <20160807191041.GW8192@zxy.spb.ru> <0cb2bd75-3086-fb72-c902-a05354536fc4@freebsd.org>

next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Aug 07, 2016 at 10:42:56PM +0300, Andrey Chernov wrote:

> On 07.08.2016 22:10, Slawa Olhovchenkov wrote:
> > On Sun, Aug 07, 2016 at 10:02:52PM +0300, Andrey Chernov wrote:
> > 
> >> On 07.08.2016 21:52, Slawa Olhovchenkov wrote:
> >>>> Why you still not
> >>>> send your opinion to the author?
> >>>>
> >>>
> >>> I am not sure about suitable response from autor.
> >>> May be project [FreeBSD] choise some compromise.
> >>
> >> IMHO blindly choosing some compromise without asking author's opinion
> >> first will be unwise. I will be glad in case someone from secteam@
> >> discuss that with the author. Moreover, careless attempt to stay
> >> compatible by any price can weak connections passed out of the server room.
> >>
> > 
> > In generaly I am accept this.
> > For this specific case enforcing strong crypo like Internet filtering
> > from suicide.
> > 
> 
> BTW, there is at least one alternative. F.e. security/putty from ports
> still support weak min DH 1024, diffie-hellman-group1-sha1 and even des
> you need. I don't check others because I am too lazy.

Last time I am see (over six years ago) putty just don't work (my
coworker try on Linux). I am to lazy check now.



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20160807195637.GX8192>