Hi Damien and openSSH, We have discussed internally the resources and time required to implementing a "crypto abstraction layer". Unfortunately at the current time we do not have the engineering resources/man power to be able to assign this task. We are happy to submit a pull request on our current modifications and to support those changes going forward. Let us know your thoughts. Best Regards, The wolfSSL Team. Kaleb Himes www.wolfssl.com kaleb@xxxxxxxxxxx Skype: kaleb.himes +1 406 381 9556 On Thu, Sep 3, 2015 at 9:12 PM, Damien Miller <djm@xxxxxxxxxxx> wrote: > On Tue, 1 Sep 2015, Kaleb Himes wrote: > > > Hi openSSH, > > > > After having time to review our licensing model and perhaps play around > > with our product we were checking back to see what your thoughts might > be. > > > > We also wanted to point out that we only desire to give end-users an > > alternative option to compiling with openSSL. > > End users who configure with the "--enable-wolfssl" option would need to > > consider licensing. > > That would be a part of their project evaluation phase. Any patch we > submit > > to you would retain your licensing model. > > Hi, > > I'm not opposed to making OpenSSH play nicer with non-OpenSSL crypto > libraries, but I am worried that attempts to do so could yield a worse > #ifdef maze than we already have. > > Microsoft will need to figure out how to handle crypto in their port > of OpenSSH since they'll likely be using CryptoAPI instead of OpenSSL, > so perhaps there is an opportunity to find some nice way of abstracting > out all the BIGNUM, RSA, DSA, EC*, etc out that suits you both (and > cleans up core OpenSSH along the way). > > -d > > _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
