[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Freeipmi-devel] md2/md5 ...
|
From: |
Anand Babu |
|
Subject: |
Re: [Freeipmi-devel] md2/md5 ... |
|
Date: |
Sat, 20 Dec 2003 11:22:01 -0800 |
|
User-agent: |
Gnus/5.1002 (Gnus v5.10.2) Emacs/21.3 (gnu/linux) |
,----[ Albert Chu <address@hidden> ]
| Last night I decided to program md2 just for fun. I have a bit of
| debugging to do, but for the most part it was very easy. Took around
| an hour or so to get the core code done. I may have grossly
| overestimated the difficulting of programming md2/md5. Perhaps we
| should write our own implementations for freeipmi.
`----
I think it is not worth having dependency on another library just for
MD2/5 algorithm. Doesn't matter if we copy and strip down a version
into our source just for IPMI.
Having lot of dependencies for system tools is a hassle for System
Administrators, especially when they are in trouble-shooting
mode. Most of the time, only when some thing breaks, network goes
down, or in a panic situation, a system administrator's attention will
be required. If has to meet package dependencies to bring up the
system, ...
-ab
----- Original Message -----
From: Albert Chu <address@hidden>
Date: Tuesday, December 16, 2003 4:02 pm
Subject: [Freeipmi-devel] md2/md5 ...
> Hey AB,
>
> I'd like to look at adding md2 and md5 authentication to ipmipower
> semi-soon. What do you see as the best method for adding md2/md5
> hashing algorithms to freeipmi ...
>
> A) Make a freeipmi rpm module dependency to some other common crypto
> library, like openssl or nss.
> B) Package some sub-library along with freeipmi ("libfoocrypto").
> C) write our own md2/md5 hashing algorithms for freeipmi ...
>
> Pros
>
> A) Easiest, put development on other people
>
> B) Pretty darn easy, have to update as other developers update, not a
> huge deal.
>
> C) no restrictions on licensing/anything ...
>
> Cons
>
> A) I haven't the slightest idea how popular/widespread packages like
> openssl or nss are. Yeah they are reasonably popular, but I don't
> really know.
>
> B) Some of the good crypto libraries seem to have funny licensing
> issues. Like we'd have to package their entire library, not just
> the md2/md5
> algorithms.
>
> C) I think it'd be a good excercise to code these algorithms out, but
> they're not exactly a walk in the park. I can't help but see porting
> issues. Not to mention wasted effort, since there are tons of
> implementations out there already.
>
> Al
>
> --
> Albert Chu
> address@hidden
> Lawrence Livermore National Laboratory
>
>
>
> _______________________________________________
> Freeipmi-devel mailing list
> address@hidden
> http://mail.nongnu.org/mailman/listinfo/freeipmi-devel
>
_______________________________________________
Freeipmi-devel mailing list
address@hidden
http://mail.nongnu.org/mailman/listinfo/freeipmi-devel
--
_.|_
(_||_)
Free as in Freedom <www.gnu.org>