[openssl-project] FW: [openssl-omc] VOTE on removing rationale for binary compatibility

Salz, Rich rsalz at akamai.com
Tue May 15 15:38:25 UTC 2018


From: Rich Salz <rsalz at akamai.com>
Reply-To: "openssl-omc at openssl.org" <openssl-omc at openssl.org>
Date: Tuesday, May 15, 2018 at 11:36 AM
To: "openssl-omc at openssl.org" <openssl-omc at openssl.org>
Subject: [openssl-omc] VOTE on removing rationale for binary compatibility

Matt raised the issue that since this paragraph is in the release strategy, we need a vote to remove it.

In policies/releasestrat.html<https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_openssl_web_pull_52-23discussion-5Fr188209247&d=DwMCaQ&c=96ZbZZcaMF4w0F4jpN6LZg&r=4LM0GbR0h9Fvx86FtsKI-w&m=zPyeUi8WOcpplVIJzn5JMXMziZ_NAibsW5dBetq7aTw&s=CIeCvQ1Y3d2pnc6KOj1xdpNha4hc6ryZdMzfG0u_J0I&e=>:

> @@ -34,20 +34,6 @@ <h5>

          performance improvements and so on. There is no need to

          recompile applications to benefit from these features.</p>

-         <p>Binary compatibility also allows other possibilities. For

-         example, consider an application that wishes to utilize

-         a new cipher provided in a specific 1.0.x release, but it

-         is also desirable to maintain the application in a 1.0.0

-         context.  Customarily this would be resolved at compile time

-         resulting in two binary packages targeting different OpenSSL

-         versions. However, depending on the feature, it might be

-         possible to check for its availability at run-time, thus cutting

-         down on the maintenance of multiple binary packages. Admittedly

-         it takes a certain discipline and some extra coding, but we

-         would like to encourage such practice. This is because we

-         want to see later releases being adopted faster, because new

-         features can improve security.</p>


Mark’s pointed out that when he removed rationale from the security policy, it was with a vote.  So here’s a vote.
topic: Remove the second paragraph ("Binary compatibility...improve security")
from the release strategy.
Proposed by Rich
Public: yes
opened: 2018-05-15
closed: yyyy-mm-dd

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-project/attachments/20180515/bf3a92bd/attachment.html>

More information about the openssl-project mailing list