Removing NOCRYPT

From: Colin Percival <colin.percival_at_wadham.ox.ac.uk>
Date: Tue, 27 Apr 2004 10:08:30 +0100
  I would like to remove the NOCRYPT option from FreeBSD before
5.3-RELEASE.  There are a number of good reasons for doing this:

1. NOCRYPT is almost completely untested, and in the past it has
often broken (for example, there was a recent release where it
was impossible to pkg_add without the cryptographic libraries.)

2. NOCRYPT has outlived its original purpose.  The separation of
cryptographic code from non-cryptographic code is a result of
"munitions" export restrictions in the US which were changed a
long time ago.

3. NOCRYPT causes major headaches.  With the Kerberos options
removed (or rather, Kerberos 4 removed and Kerberos 5 made
manditory) this is the only remaining option which can result
in certain files from the FreeBSD world existing in multiple
entirely different forms.  Most obviously, this complicates
release-building; it also adds significant complications to
FreeBSD Update.

  If anyone has a really good reason for keeping the NOCRYPT
option, please let me know.  In particular, I'd like to hear
from anyone who is actually running a NOCRYPT world.

Colin Percival
Received on Tue Apr 27 2004 - 00:08:34 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:37:52 UTC