Hi George, On Sat, Jun 24, 2017 at 2:06 PM, George M. Garner Jr. <ggarner_online@xxxxxxxxxxxxxxxxx> wrote: > I think that this is the better approach. The question I have is why the > SSH logic should be dependent on the implementation details of ANY > particular cryptographic library (be it openssl, libressl or whatever)? > Proper software design would develop an abstraction layer with some measure > of forward compatibility built in. I'm all in favor of abstracting such a complex piece of code. Yet the sheer number of available crypto library out there makes it an XKCD "build another standard to aggregate all the existing standard, so now there is one more standard to deal with" kind of situation. Not to mention that these libraries may implement different philosophies so building some abstraction code above them could be quite complex. To be honest, I would not even know where to start :) BR, -- Emmanuel Deloget _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev