Subject: Re: Patch to use aes_*_ctr in newer versions of OpenSSL and #if LIBSSH2_DSA for more DSA-code

From: Simon Josefsson <simon_at_josefsson.org>
Date: Mon, 01 Mar 2010 17:08:41 +0100

Peter Stuge <peter_at_stuge.se> writes:

> Lars Nordin wrote:
>> SSH can be used without DSA, but will break the RFC. It's up to the
>> end user if he wants an SSH2 that breaks the RFC (for me, the
>> client I'm building will only talk with an openssh-server compiled
>> using the same OpenSSL-version (without DSA))
>
> RFC compliance is really important for interoperability.
>
> In a case such as yours, where you explicitly do not want wide
> interoperability, non-compliance is of course fine.
>
> But I think we must not silently build a non-compliant library, so at
> the very least this needs to become a configure option;
>
> --disable-rfc-compliance
>
> maybe? The same knob might be used also for other things in the code.

I like this, although I prefer one configure option per software
configuration, i.e., --disable-rfc-compliancy-dsa. Just because one
wants to disable DSA one might not want to automatically disable any
other RFC-compliancy behaviour.

/Simon
_______________________________________________
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
Received on 2010-03-01