On Fri, Nov 13, 2015 at 09:20:47PM +0000, Salz, Rich wrote: > > Actually deleting algorithms is *very* difficult. > > Yes. > > And we're doing the best we can by asking reasonably. > > Some people may get burnt. Oh well. It's open source, fork if you have to.
What we primarily don't want to happen is to delay the use of OpenSSL 1.1.0 because it breaks too much. If we ensure that TLS is free of weak crypto, but (for now) leave some weaker crypto in the library, so that platforms can deliver the new libcrypto in /usr/lib and not break existing applications, I think that's more useful that immediately breaking builds of all applications that happen to touch legacy crypto. So I'm trying to help move forward, without creating artificial barriers. Let's fix TLS (libssl) first, and we can tackle libcrypto in a later release. -- Viktor. _______________________________________________ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev