> On Oct 10, 2018, at 3:01 PM, William A Rowe Jr <wr...@rowe-clan.net> wrote: > > On Wed, Oct 10, 2018 at 1:45 PM Jim Jagielski <j...@jagunet.com > <mailto:j...@jagunet.com>> wrote: > I thought the whole intent for a quick 2.4.36 was for TLSv1.3 support. > > If that's not ready for prime time, then why a release?? > > AIUI, it isn't that httpd isn't ready for release, or even httpd-test > framework. > Until all the upstream CPAN modules behave reasonably with openssl 1.1.1 > we will continue to see odd test results.
The question is How Comfortable Are We That TLSv1.3 Support Is Production Ready? This release seems very, very rushed to me. It seems strange that for someone who balks against releasing s/w that hasn't been sufficiently tested, or could cause regressions, and that the sole reason for this particular release is TLSv1.3 support which seems insufficiently tested, you are uncharacteristic cool with all this.