To close off this thread: OpenSSL will not be making any changes. The team voted on moving a set of algorithms to maintenance mode, and removing the corresponding assembly implementations from libcrypto, but the vote did not pass. Emilia On Fri, Nov 27, 2015 at 10:19 AM, Tim Hudson <tjh at cryptsoft.com> wrote: > On 24/11/2015 4:09 AM, Jakob Bohm wrote: > > But they care very much if Cisco AnyConnect (or any other > > OpenSSL using program they may need) stops working or > > becomes insecure because the OpenSSL team is breaking > > stuff just because it is not needed in their own handful > > of example uses. > > The OpenSSL team (like most open source projects) is made up of > individuals that have widely varying backgrounds and experiences - and > those experiences lead to different view points on a lot of fairly > fundamental topics. This is a good thing - as frankly a project that > doesn't have a mix of view points tends to not last. > > Between the OpenSSL team members our experiences cover a very wide range > of uses and many of us have been working on the code base for 17+ years > and have worked in areas that are certainly well outside the average or > common uses. However despite that experience we certainly don't think > that we know what all the users of the code base are doing. > > Increasingly we are making sure any debate on project direction where > there are mixed view points within the team brings in the openssl-users > and/or openssl-dev lists so we get to have input from a wider set of > people - who may or may not represent uses that we don't already know > about. > > All the view points being expressed are valid and there are good reasons > why we could as a team head in either direction (dropping out code or > keeping everything or anything along that spectrum) and what is > important is to listen to the input and see the varying points of view > and add that into the decision making process. > > So if you have a use of OpenSSL that you think the team might not know > about then please express that clearly on the list. View points on what > has been proposed are also welcome - but I think you'll find increasing > the awareness of the team about what our users are doing is the more > important of the two objectives in seeking feedback. > > Tim. > > _______________________________________________ > openssl-users mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users > -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20151209/cf1533c5/attachment.html>
