Anyone taken a look at these patches? I'm curious if there's security
implications to this.
http://www.psc.edu/networking/projects/hpn-ssh/
I can't say, but based on pass experience I would say that if the
patches were god and pass upstream without any security issue that they
would be part of OpenSSH already unless they are with GNU license obviously.
I know OpenBSD do not go after speed first, but security, however
anytime efficient improvement do not go against the first goal of
security, I didn't see to many patch refuse for sure, specially here for
example where it is a factor of 10x.
So, may be that was a project on the side that no one knew, however I
don't think so. So, based on that I would say that if the patches are
not included in the main tree that the developers must think there are
not right or that there is issues with them.
That's simple logic really.
I never say anyone rejecting patches just to reject them, following that
logic I would say if they are not in the tree, then they must judge that
there are issue with them, or that this project never cared to send them
upstream to get them included and argue the pros/cons of them to a
satisfaction to be included.
That's my take on it.
Draw your own conclusion however, your judgment is as good as mine.
Best,
Daniel
