Hi Julien, On Fri, Jan 01, 2016 at 09:47:11PM +0100, Julien Cristau wrote: > On Thu, Dec 31, 2015 at 13:13:19 +0100, Guido Günther wrote: > > > * We would have the same crypto policies for programs linked against > > nss in all suites. > > > From a stable user perspective, I'm not sure I see that as an advantage, > if it means things end up breaking on point releases.
I forgot to add that nss is very conservative in changing these policies. The packages using it like icewaeasel/icedove are far more aggressive in changing defaults. Currently we have these things somethimes entangled with security updates which is not ideal either so I think having these at point release time with some time to prepare for upgrades is actually an advantage. Cheers, -- Guido
