On Fri, 26 Feb 2021, Darren Tucker wrote:
> On Fri, 26 Feb 2021 at 01:21, Dmitry Belyavskiy <dbelyavs at
redhat.com> wrote:
> > If the proposed Edwards solution
(https://github.com/openssh/openssh-portable/pull/230) is not too big, I'd
like to clean it up and get it added.
>
> I'll defer to Damien but to me that looks too big to go in this late
> in the release cycle.
yes, it's too late in the cycle for this. We also don't have any
hardware to test it against - experience has made me reticent to ship
anything to do with PKCS#11 that we can test against only a single
software implementation.
A bigger problem however is libcrypto compatibility. The last time I
checked, libressl lacks the EVP_PKEY functionality for ED25519 keys.
They were considering it then, but I'll have to check back and see
what the status is.
-d