[openssl-commits] [web] master update

Rich Salz rsalz at openssl.org
Wed May 23 23:58:35 UTC 2018

The branch master has been updated
       via  c9f50cbf963b7d9949332c17e614ad0a6e97d431 (commit)
      from  ac5eb58ddc24db122c494b4cb13de3adff366e48 (commit)

- Log -----------------------------------------------------------------
commit c9f50cbf963b7d9949332c17e614ad0a6e97d431
Author: Rich Salz <rsalz at akamai.com>
Date:   Wed May 23 19:57:47 2018 -0400

    Revert "Remove rationale, clarify language."
    This reverts commit ac5eb58ddc24db122c494b4cb13de3adff366e48.


Summary of changes:
 policies/releasestrat.html | 28 ++++++++++++++++++++--------
 1 file changed, 20 insertions(+), 8 deletions(-)

diff --git a/policies/releasestrat.html b/policies/releasestrat.html
index 83b85d2..3f37936 100644
--- a/policies/releasestrat.html
+++ b/policies/releasestrat.html
@@ -34,6 +34,20 @@
 	  performance improvements and so on. There is no need to
 	  recompile applications to benefit from these features.</p>
+	  <p>Binary compatibility also allows other possibilities. For
+	  example, consider an application that wishes to utilize
+	  a new cipher provided in a specific 1.0.x release, but it
+	  is also desirable to maintain the application in a 1.0.0
+	  context.  Customarily this would be resolved at compile time
+	  resulting in two binary packages targeting different OpenSSL
+	  versions. However, depending on the feature, it might be
+	  possible to check for its availability at run-time, thus cutting
+	  down on the maintenance of multiple binary packages. Admittedly
+	  it takes a certain discipline and some extra coding, but we
+	  would like to encourage such practice. This is because we
+	  want to see later releases being adopted faster, because new
+	  features can improve security.</p>
 	  <p>With regards to current and future releases the OpenSSL
 	  project has adopted the following policy:</p>
@@ -50,18 +64,15 @@
 	  and we will specify one at least every four years. Non-LTS
 	  releases will be supported for at least two years.</p>
-	  <p>During the final year
+	  <p>As implied by the above paragraphs, during the final year
 	  of support, we do not commit to anything other than security
-	  fixes. Before then, bug and security fixes will be applied
+	  fixes. Before that, bug and security fixes will be applied
 	  as appropriate.</p>
 	  <p>The next version of OpenSSL will be 1.1.1. This is currently in
 	  development and has a primary focus of implementing TLSv1.3. The
 	  RFC for TLSv1.3 has not yet been published by the IETF. OpenSSL 1.1.1
-	  will not have its final release until that has happened;
-          we want to have at least one beta release after TLS 1.3 is
-          officially published as an RFC. The next LTS release will be
-          1.1.1.</p>
+	  will not have its final release until that has happened.</p>
 	  <p>The draft release timetable for 1.1.1 is as follows. This may be
           amended at any time as the need arises.</p>
@@ -77,8 +88,9 @@
 	    <li>3rd April 2018, beta release 2 (pre4)</li>
 	    <li>17th April 2018, beta release 3 (pre5)</li>
 	    <li>1st May 2018, beta release 4 (pre6)</li>
-            <li>29th May 2018, beta release 5 (pre7)</li>
-            <li>19th June 2018, beta release 6 (pre8)</li>
+	    <li>8th May 2018, release readiness check (new release
+		cycles added if required, first possible final release date:
+		15th May 2018)</li>
 	  <p>An alpha release means:</p>

More information about the openssl-commits mailing list