Legacy provider
Richard Levitte
levitte at openssl.org
Wed Jan 15 21:56:48 UTC 2020
On Wed, 15 Jan 2020 21:07:54 +0100,
Benjamin Kaduk wrote:
>
> Hi Pauli,
>
> On Tue, Jan 14, 2020 at 09:34:40PM +1000, Dr Paul Dale wrote:
> > The OMC vote is closed.
> >
> > The vote text being:
> >
> > The legacy provider should be disabled by default in 3.0
> >
> > With the clarification that "disabled" in this context means "not loaded”.
> >
> > The vote passed (two for, one against, four abstain)
>
> It's good to have a decision here, but I'm kind of worried about the four
> abstains -- it's easy for me to leap to a conclusion that the individuals
> in question just didn't want to to spend the time to come to a considered
> position, even though this issue has substantial potential impact for our
> userbase. I'm trying to not make faulty assumptions, so some greater
> clarity on the circumstances would be helpful, if possible.
This was a vote that I found extremely difficult. This topic has been
disputed on and off for quite a while, both on github and within the
OMC, and I could never decide between the two sides. Both have pros
and cons that outweigh each other.
Cheers,
Richard
--
Richard Levitte levitte at openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
More information about the openssl-project
mailing list