David Aguilar <davvid@xxxxxxxxx> writes: > I think the best long-term solution would be to abandon the > CommonCrypto backend, if possible. There's not a strong reason > for its existence. It always seemed kinda hacky, and bolted-on. > ... >> A few questions we should be asking Apple users are: >> >> - Is there a strong-enough reason why those who do not want to use >> SSL should be able to choose the SHA-1 implementation available >> from CommonCrypto over block-sha1? > > IMO, no. > >> - Is CommonCrypto SHA-1 a better implementation than block-sha1? > > I do not believe this to be true. > > My gut feeling is that we cannot rely on the long-term stability > and availability of Apple's APIs. Block-sha1 works fine on > the current Apple hardware and I suspect that it (or openssl) > will continue to work fine in the future. > ... >> If people do not care, we can leave things as they are. It would >> seem mysterious to use block-sha1 when we are not using CommonCrypto >> for SSL (i.e. NO_OPENSSL), and otherwise CommonCrypto SHA-1, and >> would invite a puzzlement we saw in this thread, though. > > I'm curious to see what others think about dropping CommonCrypto. > It seems like a good choice from a maintenance POV. Judging by a week-long silence, it seems nobody seems to have much to say on this issue. Let me summon the git_osx_installer maintainer to hear from somebody who know a lot better than me about things around OS X. Thanks. -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html