On 3/19/06, Ted Mittelstaedt wrote:
>
>
> >I think we have 2 options:
> >- Completly drop the old des support, including des_old.h
> >- Drop the libdes compatibility, so that it's only compatible
> > with older openssl versions, and people can still use the des_*
> > versions.
> >

>
> How about option 3 - change the default to not include it but
> leave the code still in there, then see how many people
> squawk about old des support "missing" and get told to
> set the flag to include it, then make a decision about
> stripping it out completely, based on that.


As long as the old DES support isn't compiled in by default, this
would appear to be the most logical course of action.

My personal opinion is that if there's an external library which can
provide DES services (libdes), that should be used to help reduce the
amount of cruft in the codebase. (Remember, however, that 3DES uses
the DES functionality in encrypt, decrypt, and then re-encrypt modes.)

-Kyle H
__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majordomo@openssl.org