[openssl-dev] Removing obsolete crypto from OpenSSL 1.1 - seeking feedback
Salz, Rich
rsalz at akamai.com
Fri Nov 13 22:02:02 UTC 2015
> So I'm trying to help move forward, without creating artificial barriers. Let's fix TLS (libssl) first, and we can tackle libcrypto in a later release.
I disagree.
I think the main driver will be OpenSSL 1.1-next, which will have TLS 1.3 support. So the purpose of this realease will be to flush out bad code and bad crypto, completely refresh and overhaul many things. And if some folks wait because they need to still use old, bad or unsupported, crypto algorithms, so be it. Can't please everyone. And they've got time to fix it before they decide they really really want TLS 1.3 :)
So I don't view this as an artificial barrier. I view it as a preview for the real thing people will want, which is the *next* release.
/r$
More information about the openssl-dev
mailing list