[openssl-dev] Removing obsolete crypto from OpenSSL 1.1 - seeking feedback
Blumenthal, Uri - 0553 - MITLL
uri at ll.mit.edu
Fri Nov 13 22:14:31 UTC 2015
FWIW, I agree with Viktor.
Sent from my BlackBerry 10 smartphone on the Verizon Wireless 4G LTE network.
Original Message
From: Salz, Rich
Sent: Friday, November 13, 2015 17:02
To: openssl-dev at openssl.org
Reply To: openssl-dev at openssl.org
Subject: Re: [openssl-dev] Removing obsolete crypto from OpenSSL 1.1 - seeking feedback
> So I'm trying to help move forward, without creating artificial barriers. Let's fix TLS (libssl) first, and we can tackle libcrypto in a later release.
I disagree.
I think the main driver will be OpenSSL 1.1-next, which will have TLS 1.3 support. So the purpose of this realease will be to flush out bad code and bad crypto, completely refresh and overhaul many things. And if some folks wait because they need to still use old, bad or unsupported, crypto algorithms, so be it. Can't please everyone. And they've got time to fix it before they decide they really really want TLS 1.3 :)
So I don't view this as an artificial barrier. I view it as a preview for the real thing people will want, which is the *next* release.
/r$
_______________________________________________
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 4350 bytes
Desc: not available
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20151113/4935db77/attachment-0001.bin>
More information about the openssl-dev
mailing list