by thristian 3900 days ago
A crypto system is a big and complex thing, subtle and quick to anger, and I can't blame Microsoft for wanting to concentrate on the one they're already supporting, instead of having to support two.

On the other hand, for the exact same reason, I expect OpenSSH probably isn't interested in supporting anything besides LibreSSL and maybe OpenSSL, at least while they're so closely related.

2 comments

So you think it'll remain a fork, rather than a platform for OpenSSH?

If they implemented a good openssl to cryptoAPI shim it could be usable by other projects linked against OpenSSL.

You can already configure OpenSSL to delegate the engine to CAPI which means that OpenSSL mostly works as a "shim".

    [engine_section]
    capi = capi_config

    [capi_config]
    engine_id = capi
    dynamic_path = c:\\openssl-win32\\bin\\capi.dll
    init = 1

Agreed, this would be awesome.
You can already build OpenSSH without a libssl (make OPENSSL=no), it drops support for ssh1 and the only algos available are curve25519, aes-ctr, chacha, ed25519 (or were when it was first announced[0])

[0] http://article.gmane.org/gmane.os.openbsd.cvs/130612