[openssl-project] Proposed vote text for the SSL_CB_HANDSHAKE_START change

Matt Caswell matt at openssl.org
Thu Jan 31 19:42:10 UTC 2019

On 31/01/2019 18:50, David Benjamin wrote:
> We will see if this damage turns out fatal for KeyUpdate, but OpenSSL can at
> least help slow its spread by issuing a fix

That's precisely what PR 8096 does.

> As a heuristic for API design: if the caller needs to know the implementation
> details of OpenSSL to understand what this API does, the API is no good.
> Existing code cannot possibly predict how OpenSSL's implementation will evolve
> over time, so there is no way to use such an API in a future-proof way. Do not
> introduce such APIs.

The info callback has been around a *long* time. In fact OpenSSL did not
introduce it at all - we inherited it from SSLeay. Arguments about whether it is
a good API or not don't help the issue at hand. The API exists, applications use
it, and so (for now at least) we continue to support it.

Given that it already existed we had to make a decision about how it was going
to work in the presence of TLSv1.3. We did what we believed to be the correct
thing at the time. The changes were pretty minimal and we tried to keep things
as close to what existing users of the callback would expect. It turns out we
got it wrong.


More information about the openssl-project mailing list