[openssl-users] A path for feature obsolescence

Sec_Aficiondado secaficionado at gmail.com
Tue Jan 26 18:38:05 UTC 2016


Hello,

This occurred to me the other day after reading a thread about the possibility of removing some functions in OpenSSL. No matter how arcane or obscure, any existing feature is bound to have very loyal and probably vocal users. So my idea is along these lines:

1. Announce the potential removal (same as today) and wait for comments.
2. If there are no compelling reasons (the Internet won't catch on fire) and no resources are available to keep this in the code, move the feature to something that will require an explicit configure option (i. e. --with-arcane-function). OpenSSL will build without it from that point on by default.
3. Move the code to a "place" where it can stay untouched and announce that the feature is no longer maintained and not even guaranteed to build. Anyone who needs it is still welcome to include it in their build or tinker with it.

I know not everything is modular enough to work well in this scenario but it eases users into other solutions. It also empowers users to take portions of code and modify them according to their needs.

If something is truly as important as people claim, someone will fork and update the feature to keep it working with the latest OpenSSL. Most likely, though, everyone will find an alternate solution and move on.

A path to obsolescence will be more work for OpenSSL devs at first, but hopefully less drama overall.

Just my 2¢.


More information about the openssl-users mailing list