On Tue, 15 Nov 2016, Jakub Jelen wrote: > On 11/15/2016 12:02 AM, Damien Miller wrote: > > On Mon, 14 Nov 2016, Jakub Jelen wrote: > > > > > Thank you for the comments. I understand the upstream directions and > > > that the OpenSSL step is not ideal. The distros will probably have to > > > carry these patches until the changes will settle down a bit. > > AFAIK Red Hat employs at least one OpenSSL maintainer. What is their > > view on this situation? > > Yes, you got a message off-the-list from Tomas Mraz, our OpenSSL maintainer, > one week ago. The OpenSSL certainly wants to resolve these issues from their > side (compat library in addition to 1.0.2 from OpenSSL side). But that will > not help us with compatibility against LibreSSL if I see right. For my part, I'm going to wait a while to see what migration improvements come from OpenSSL and I don't plan on merging any changes to support 1.1.x until there's a better story. I'm sure that if OpenSSL come up with a cleaner way for their users to support 1.0.x and 1.1.x then it will be easier to convince Libre/BoringSSL to follow suit. -d _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
