pkgsrc-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: ECDH support for sendmail

John Nemeth <> wrote:

>      It looks like my choice of words was rather poor.  I meant to
> say that I didn't like the way you've implemented it.  You didn't
> answer my question about the origin of the patch...  

Sorry, missed it. 

I found the patch here:

Taking random patch from random project is not good security practice. I
therefore checked it against dovecot implementation to make sure it made
sense: ECDH support was added in dovecot here:

The sendmail version is just a striped down version (so much stripped
down I considered it did not need attribution: this is just the OpenSSL
API called n the eimpiest way), and the dovecot patch has an insightful
comment explaining the complexity difference. Basically the sendmail
version sticks to RFC mandated settings, while the dovecot patch goes

Emmanuel Dreyfus

Home | Main Index | Thread Index | Old Index