[openssl-dev] Removing obsolete crypto from OpenSSL 1.1 - seeking feedback
Salz, Rich
rsalz at akamai.com
Tue Nov 17 03:58:53 UTC 2015
> Don’t punish users for choosing OpenSSL library to handle their non-SSL cryptographic needs and implicitly trusting the developers that they won’t be left in the cold.
Can we please be less inflammatory?
Old unused code is a security risk. We’re trying to reduce the attack surface *responsibly.*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20151117/06953263/attachment-0001.html>
More information about the openssl-dev
mailing list