+1 On Wed, Nov 15, 2023 at 4:56 PM Masakazu Kitajo <mas...@apache.org> wrote:
> Hi all, > > I'd like to propose having the minimum "version" for BoringSSL for ATS 10. > Since BoringSSL does not have versions, obviously they do not follow > semantic versioning. We can only pick a random commit hash to draw a > line, and drawing the line does not guarantee anything in terms of > compatibility unlike the one for OpenSSL. However, it would allow us to > clean up unnecessary code/check for too old BoringSSL at a minimum. For > example, a constant, TLS1_3_VERSION, has been available since 2016, and > OpenSSL 1.1.1 has it too. There is no reason to check the availability (if > we bump the minimum OpenSSL version to 1.1.1). > > If we agree on having the minimum version (or oldest commit) for > BoringSSL, I'd suggest this commit below: > > https://boringssl.googlesource.com/boringssl/+/a1843d660b47116207877614af53defa767be46a > > It's almost a random pick, but I think it's a reasonable commit hash > because everything I mentioned at the summit worked fine with it. And it's > also new enough to use with Quiche. > > Let me know if you have any comments. > > Thanks, > Masakazu > > -- "Come to Me, all who are weary and heavy-laden, and I will give you rest. Take My yoke upon you and learn from Me, for I am gentle and humble in heart, and you will find rest for your souls. For My yoke is easy and My burden is light." ~ Matthew 11:28-30
