View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0000899 | 1003.1(2013)/Issue7+TC1 | System Interfaces | public | 2014-12-04 02:55 | 2019-06-10 08:54 |
| Reporter | tedu | Assigned To | ajosey | ||
| Priority | normal | Severity | Editorial | Type | Enhancement Request |
| Status | Closed | Resolution | Accepted As Marked | ||
| Name | Ted Unangst | ||||
| Organization | OpenBSD | ||||
| User Reference | |||||
| Section | setkey | ||||
| Page Number | 750 | ||||
| Line Number | 25291 | ||||
| Interp Status | --- | ||||
| Final Accepted Text | see 0000899:0002578 | ||||
| Summary | 0000899: Remove setkey and encrypt | ||||
| Description | DES is laughably bad now, and these interfaces are possibly worse. Passing a 64 (56) bit key in 64 chars? Only one global key? The standard doesn't even actually specify DES, meaning it's useless from an interoperability standpoint. Unlike the crypt interface, which has proven flexible enough to support extensions and better algorithms, it's not possible to somehow bend these functions into supporting a modern cipher. A test build of the OpenBSD ports tree revealed one program using these functions. claws mail saves the user's password by encrypting it with a fixed key ("passkey0"). That code could be replaced by base64 "encryption" with identical security. | ||||
| Desired Action | Delete setkey(). Delete encrypt(). | ||||
| Tags | tc2-2008 | ||||
| parent of | 0000931 | Closed | mark encrypt, setkey as OBS |
|
|
For both Page 750 line 25291 (encrypt) and Page 1882 line 60535 (setkey), change the Future Directions wording from:None.to: A future version of the standard may mark this interface as obsolete or remove it altogether. On Page 710 line 24043 (crypt), add a paragraph to Application Usage: Several implementations offer extensions via characters outside of the set specified for the salt argument for specifying alternative algorithms; while not portable, these extensions may offer better security. The use of crypt() for anything other than password hashing is not recommended. |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2014-12-04 02:55 | tedu | New Issue | |
| 2014-12-04 02:55 | tedu | Status | New => Under Review |
| 2014-12-04 02:55 | tedu | Assigned To | => ajosey |
| 2014-12-04 02:55 | tedu | Name | => Ted Unangst |
| 2014-12-04 02:55 | tedu | Organization | => OpenBSD |
| 2014-12-04 02:55 | tedu | Section | => setkey |
| 2015-03-12 15:45 | eblake | Relationship added | parent of 0000931 |
| 2015-03-12 15:46 | eblake | Tag Attached: tc2-2008 | |
| 2015-03-12 15:58 | eblake | Note Added: 0002578 | |
| 2015-03-12 16:01 | eblake | Note Edited: 0002578 | |
| 2015-03-12 16:05 | eblake | Note Edited: 0002578 | |
| 2015-03-12 16:08 | eblake | Page Number | => 750 |
| 2015-03-12 16:08 | eblake | Line Number | => 25291 |
| 2015-03-12 16:08 | eblake | Interp Status | => --- |
| 2015-03-12 16:08 | eblake | Final Accepted Text | => see 0000899:0002578 |
| 2015-03-12 16:08 | eblake | Status | Under Review => Resolved |
| 2015-03-12 16:08 | eblake | Resolution | Open => Accepted As Marked |
| 2015-04-10 09:05 | geoffclare | Project | 1003.1(2008)/Issue 7 => 1003.1(2013)/Issue7+TC1 |
| 2019-06-10 08:54 | agadmin | Status | Resolved => Closed |
