On Wed, 2 Nov 2016, Michael Stone wrote: > On Thu, Nov 03, 2016 at 09:33:23AM +1100, Damien Miller wrote: > > It's disappointing though that OpenSSL didn't see fit to write their own > > set of 1.0.x->1.1.x API shims and ship it alongside 1.0.x releases. It > > would have made the transition easier for everyone I think. > > Given how much flack they got from various quarters, including in > particular the libressl folks, for carrying "too much legacy baggage" that > would have ironic if nothing else. I think you misunderstand: I'm not suggesting they carry 1.0.x API in 1.1.x (that would be self-defeating), but providing standard forward- compat code in 1.0.x so everyone else doesn't have to write their own. IMO nobody is in a better position to write said compat code than the OpenSSL developers and forcing application developers to write them greatly multiplies the number of shim implementations and thus the likelihood of bugs in one or more of them. -d _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev