Reducing the security bits for MD5 and SHA1 in TLS - OTC or OMC vote?

Dr. Matthias St. Pierre Matthias.St.Pierre at ncp-e.com
Wed May 27 14:16:17 UTC 2020


> IMO it seems appropriate to have an OMC vote on this topic (or should it
> be OTC?). Possible wording:

Personally, I would prefer if technical questions would by default be discussed (and voted on)
by the OTC, unless an OMC member explicitly puts in his veto and claims that higher level
strategical interests of the OpenSSL project are affected.

But according to the current wording of the bylaws, I would say it is a 'feature requirement' and
requires an OMC vote:

> The OMC:
>
> * makes all decisions regarding management and strategic direction of the project; including:
>     - business requirements;
>     - feature requirements;
>     - platform requirements;
>     - roadmap requirements and priority;
>     - end-of-life decisions;
>     - release timing and requirement decisions;

Matthias



More information about the openssl-project mailing list