Backports to 1.1.1 and what is allowed

Patrick Steuer psteuer9 at
Mon Jun 22 10:28:25 UTC 2020

 From the view of an application dev ..

1 the reasons to chose OpenSSL over other crypto libraries are its
   rich feature set and wide portability paired with good performance
   across a wide range of platforms plus having a customizable
   backend (engines/providers).

2 the reasons to not move away from OpenSSL trusting in LTS releases
   actually being stable i.e., not causing any disruptions.

(For both 1 and 2, a good security record is a matter of course.)

IMO the current release policy of infrequent "big bang" releases
serves 2 well, but largely neglects 1 (think e.g., about
time-to-market for new processor features).

That doesnt mean that we should take all features into LTS
but i think performance improvements is an area where you
should think about it, at least in individual cases.


More information about the openssl-project mailing list