Date: Thu, 01 Aug 2002 12:44:52 -0700 From: Terry Lambert <tlambert2@mindspring.com> To: Mikhail Teterin <mi+mx@aldan.algebra.com> Cc: Alexandr Kovalenko <never@nevermind.kiev.ua>, Jacques Vidrine <nectar@FreeBSD.ORG>, arch@FreeBSD.ORG Subject: Re: OpenSSL vs. -lmd Message-ID: <3D498FB4.6987B696@mindspring.com> References: <200207311641.g6VGfRWj099655@freefall.freebsd.org> <20020801143059.GA536@nevermind.kiev.ua> <200208011151.55478.mi%2Bmx@aldan.algebra.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Mikhail Teterin wrote: > Do we still need the separate message digest library -lmd? I used to > prefer it myself, but all of the digests are now available in OpenSSL, > which is likely to be present on more systems AND is optimized in > assembler... Inclusion of OpenSSL in FreeBSD was probably a mistake, since it was not brought in on a vendor branch, and is so mixed up in various code that it's hard to keep up with changes for security updates. As a matter of general principle, it seems to me that MD5 and friends are unlikely to ever change functionally, whereas the other things that come with the package can change rather frequently, since they speak to policy. Consider that it is very hard to use an updated OpenSSL (e.g. 0.9.7-Beta or 0.9.6e) with FreeBSD these days. Also consider that it's hard to build a project whose code is independent of FreeBSD itself, with all these interfaces in the base OS by default. My recommendation is to keep the "md" library. It satisfies the "mechanism, not policy" philosophy in a way that OpenSSL does not. -- Terry To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3D498FB4.6987B696>