[openssl-project] [openssl-dev] Blog post; changing in email, crypto policy, etc

Salz, Rich rsalz at akamai.com
Tue Jan 23 02:05:43 UTC 2018


    Sorry, but no, not OK. "Do not *plan*"? Doesn't it imply "plans can
    change"? So it *is* open question. Really? It should be "we shall
    *refuse* to *implement* an insecure option(*)". Period.

Great, no define ‘insecure’

I don’t think I have anything else to add on this thread.  Maybe someone else will chime in.

WE ARE NOT GOING TO KNOWINGLY IMPLEMENT OR PROVIDE ANYTHING THAT IS KNOWN TO BE INSECURE ACCORDING TO iNDUSTRY STANDARD.




More information about the openssl-project mailing list