removing bdes..
Slawa Olhovchenkov
slw at zxy.spb.ru
Tue Feb 10 17:52:43 UTC 2015
On Tue, Feb 10, 2015 at 09:20:39AM -0800, Gleb Kurtsou wrote:
> On (10/02/2015 18:18), Slawa Olhovchenkov wrote:
> > On Mon, Feb 09, 2015 at 10:15:02AM -0800, John-Mark Gurney wrote:
> >
> > > So, I happen to stuble across bdes recently and think we should remove
> > > it..
> > >
> > > I'm fine w/ making it a port so that people who need it can use it...
> > >
> > > Especially considering:
> > > The DES cipher should no longer be considered secure. Please consider
> > > using a more modern alternative.
> > >
> > > Though sadly, that comment was added almost 15 years after DES was
> > > brute forced by DEEPCrack.
> >
> > Clear text also insecure. Do you remove all clear text?
>
> This is rather odd argument ;)
>
> I'm all for removing it. openssl provides file encryption for those who
> need it in base.
3DES remove too? and how to login users with password in 3DES?
How to migrate old system with 3DES passwords?
More information about the freebsd-arch
mailing list