Hi Margarita, Margarita Manterola <ma...@debian.org> writes: > I'm neither the maintainer nor part of the release team, so I have no > authority to decide anything. However, I thought it was clear from my > first mail that I considered that the package was in a very bad state > and that a fix would be too disruptive for wheezy. I did want to get > the package fixed for the future, though. If by "first mail" you refer to your message in an entirely unrelated bugreport which I only found after I had done all the work, then I’d recommend that you update all reports which might be affected by your findings in the future :-).
> Your patch does seem to work on fixing most of the issues that I had > identified, and you have tested it thoroughly (I haven't run the tests > myself, though), so I guess it would be alright to upload it to unstable. > However, I doubt that such a big change for such a small package would be > granted an unblock for testing. We will never know if we don’t try. Kevin, what do you think? Could you upload a new version or do you want us to NMU? > Well, 293 installations, with "61" votes (regular use). I really > think it would be a bad idea to have a tool that deletes and shreds > files as an automatic backup tool, but other people might have other > ideas... Encrypting a backup after creating it is not such a weird idea. The detail that the tool shreds old data might have been missed or accepted by our hypothetical backup script writers. Also keep in mind how popcon votes are counted: It means that people have bcrypt mapped into memory at the time when popcon runs. For such a small tool (in contrary to a daemon), the votes are not really helpful. > Right, I didn't think about binary compatibility, and I wasn't really > planning on getting a block exception for that one either. Do you think > it's not possible to achieve binary compatibility using the openssl > command? I am sure that it is not possible to achieve binary compatibility when using only the openssl cli. You need at least a wrapper which takes care of the custom file format that bcrypt uses, and when you write that, you can really just keep bcrypt. It’s not much more than that. -- Best regards, Michael -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
