[openssl-users] TLS 1.3 and the release

Michael Richardson mcr at sandelman.ca
Sun Aug 12 18:12:48 UTC 2018

Salz, Rich via openssl-users <openssl-users at openssl.org> wrote:
    > You probably know by now that TLS 1.3 was just released as RFC 8446;
    > https://www.rfc-editor.org/info/rfc8446 This note is just trying to
    > forestall a number of question threads.

    > Our release plan called for one final beta (there were various
    > draft-interop things to take out and some other little nits) and then
    > the official release. We have had no discussion of changing that plan.


There are a bunch of non-openssl-project issues that are gonna need some
coordination if we are gonna get TLS 1.3 out there better.

I'm just dealing with trying to get openssl 1.1.0 to get installed on Ubuntu
bionic.  Yes, there is a package, but all the other packages depend upon
1.0.x.... and many things are linking against 1.0.x rather than 1.1, when
both are installed...  I don't know why they build stuff against 1.0.x
rather than 1.1.0: I think it's a packaging oops.

The story is worse for Xenial, on which many containers are presently based.
Debian jessie/stretch and Devuan jessie/ascii might be in better situation,
or maybe my observations of them are tainted by having installed from source.

I realize that this is "not your problem", but I want to suggest that we open
an Issue now in order to attract google hits so that it can be coordinated.
In particular there are dozens of ubuntu PPAs that have rebuilds of openssl +
XYZ, but 3/4 of them are stale... it would be nice to nominate a non-lame "winner"
I can open such an Issue if you like.

]               Never tell me the odds!                 | ipv6 mesh networks [
]   Michael Richardson, Sandelman Software Works        | network architect  [
]     mcr at sandelman.ca  http://www.sandelman.ca/        |   ruby on rails    [

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 487 bytes
Desc: not available
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20180812/9b602940/attachment.sig>

More information about the openssl-users mailing list