From: Benjamin Kaduk
Date: Sat, 28 Oct 2017 07:31:32 -0500
To: Poul-Henning Kamp
Cc: Ben Laurie, Eric McCorkle, "freebsd-security@freebsd.org security", "freebsd-hackers@freebsd.org", "freebsd-arch@freebsd.org"
Subject: Re: Crypto overhaul
Message-ID: <20171028123132.GF96685@kduck.kaduk.org>

On Sat, Oct 28, 2017 at 08:03:32AM +0000, Poul-Henning Kamp wrote:
> --------
> In message <20171028022557.GE96685@kduck.kaduk.org>, Benjamin Kaduk writes:
>
> >But I think the main issue with OpenSSL in base that was leading to
> >thoughts about replacing it is the mismatch between FreeBSD release
> >branch support lifecycles and OpenSSL release branch support lifecycles.
>
> That's not why I want OpenSSL gone from the tree.
>
> My reason is that I think OpenSSL's architecture, (to the extent you
> can talk about OpenSSL having one), APIs and the source code are
> all horrible.

Those are all fine reasons for an individual to want OpenSSL gone from
the tree, and I can't really dispute any of them for the 1.0.x series.
I would say that the 1.1.x series is less bad, especially on the last
count, but don't know how much you've looked at the differences in the
new branch.

Regardless, the point I was intending to make is that, fine reasons
those are, they in and of themselves may not be enough to overcome the
weight of POLA for staying with OpenSSL. I do, however, remember a few
years ago a Security Officer raising concerns about the support
lifecycle mismatch, and in that context that reason does seem to be
able to overcome the weight of POLA.

That is, I was talking about history. We should of course make our
own, fresh, decision about whether your reasons are currently enough
to outweigh POLA, for the present discussion.

-Ben