On Fri, Apr 1, 2016 at 12:36 AM, Daniel <[email protected]> wrote:

> ...
> However, if we make this change, API callers that depend on the
> implemented (unpromised) behaviour — that is, API callers that assume
> the output parameter will be initialized even on error returns — will
> then decide whether to save the plaintext password to disk according to
> the value of uninitialized memory.
>

no no no ... we've always said that OUT parameters are not dependable when
an error occurs. I see no reason to change here. Especially no reason to
claim an API change/errata.

>...

Cheers,
-g
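
The caller-side pattern that this contract implies, as an added C example that is not from the original thread or the project's code. The function names, the error type and the `stale` parameter (standing in for whatever uninitialized memory would hold) are hypothetical.

```c
#include <stdio.h>

typedef int err_t;                      /* hypothetical: 0 = success, nonzero = error */

/* Hypothetical prompt API: *may_save is written only on success and is
 * left untouched on an error return, as the thread describes. */
static err_t ask_may_save_plaintext(int *may_save, int fail, int answer)
{
    if (fail)
        return 1;                       /* error path: OUT parameter not written */
    *may_save = answer;
    return 0;
}

/* Fragile caller: ignores the error and trusts the OUT parameter.
 * `stale` is a constructed stand-in for uninitialized stack contents
 * (reading a truly uninitialized int would be undefined behaviour). */
static int fragile_should_save(int fail, int answer, int stale)
{
    int may_save = stale;
    (void)ask_may_save_plaintext(&may_save, fail, answer);
    return may_save != 0;               /* decided by leftover memory on error */
}

/* Hardened caller: checks the error first and fails closed, so the
 * plaintext password is never saved when the prompt did not succeed. */
static int hardened_should_save(int fail, int answer, int stale)
{
    int may_save = stale;
    err_t err = ask_may_save_plaintext(&may_save, fail, answer);
    if (err)
        return 0;                       /* never consult may_save after an error */
    return may_save != 0;
}

int main(void)
{
    /* Constructed inputs: the prompt fails and the stale value is nonzero. */
    printf("fragile  on error: save=%d\n", fragile_should_save(1, 0, 0x5a));
    printf("hardened on error: save=%d\n", hardened_should_save(1, 0, 0x5a));
    printf("hardened on success (user said yes): save=%d\n",
           hardened_should_save(0, 1, 0));
    return 0;
}
```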
