OTC VOTE: Revert the commits merged from PR #16027 in 1.1.1

Tomas Mraz tomas at openssl.org
Wed Aug 11 07:59:59 UTC 2021


As this vote is still ongoing I am going to somewhat promote its case.
I really suspect that many applications albeit somewhat special ones
will be broken by this change. So although the change can be surely
viewed as a bug fix it is IMO wrong that it was merged to the 1.1.1
branch.

Although there might be security implications of exporting an
incomplete/broken DER encoding, no concrete security issue was
presented that exists unless this bug is fixed.

On Tue, 2021-08-10 at 11:53 +0100, Matt Caswell wrote:
> topic: Revert the commits merged from PR #16027 in 1.1.1
> Comment: Refer to issue #16266 for background
> Proposed by Tomas Mraz
> Public: yes
> opened: 2021-08-10
> closed: 2021-mm-dd
> accepted:  yes/no  (for: X, against: Y, abstained: Z, not voted: T)
> 
>    Dmitry     [+1]
>    Matt       [+1]
>    Pauli      [  ]
>    Tim        [-1]
>    Richard    [  ]
>    Shane      [-1]
>    Tomas      [+1]
>    Kurt       [  ]
>    Matthias   [  ]
>    Nicola     [-1]

-- 
Tomáš Mráz
No matter how far down the wrong road you've gone, turn back.
                                              Turkish proverb
[You'll know whether the road is wrong if you carefully listen to your
conscience.]




More information about the openssl-project mailing list