Backports to 1.1.1 and what is allowed
Patrick Steuer
psteuer9 at gmail.com
Mon Jun 22 10:28:25 UTC 2020
From the view of an application dev ..
1 the reasons to chose OpenSSL over other crypto libraries are its
rich feature set and wide portability paired with good performance
across a wide range of platforms plus having a customizable
backend (engines/providers).
2 the reasons to not move away from OpenSSL trusting in LTS releases
actually being stable i.e., not causing any disruptions.
(For both 1 and 2, a good security record is a matter of course.)
IMO the current release policy of infrequent "big bang" releases
serves 2 well, but largely neglects 1 (think e.g., about
time-to-market for new processor features).
That doesnt mean that we should take all features into LTS
but i think performance improvements is an area where you
should think about it, at least in individual cases.
Patrick
More information about the openssl-project
mailing list