On Fri, Sep 9, 2016 at 8:26 AM, Pfluegl, Andreas wrote:
> We started using OpenSSL in 2010 for Windows and Linux. We gladly followed
> the release strategy suggestion, as it allowed us to deliver patches without
> recompiling our code. So we still compile and link our code against 1.0.0
> while de
We started using OpenSSL in 2010 for Windows and Linux. We gladly followed the
release strategy suggestion, as it allowed us to deliver patches without
recompiling our code. So we still compile and link our code against 1.0.0 while
delivering the current 1.0.2x versions (which by the way works g
On 29/12/2014 01:37, Matt Caswell wrote:
On 28/12/14 00:31, Jakob Bohm wrote:
On 24-12-2014 00:49, Matt Caswell wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
You will have noticed that the OpenSSL 1.0.0 End Of Life Announcement
contained a link to the recently published OpenSSL Release
On 28/12/2014 12:26, Kurt Roeckx wrote:
On Sun, Dec 28, 2014 at 01:31:38AM +0100, Jakob Bohm wrote:
3. The 1.0.x binary compatibility promise seems to not have been
completely kept. As recently as just this December, As a practical
example: I had an OS upgrade partially fail due to the pres
> For comparison, Microsoft
I'm not quite sure how we should respond to any paragraph that begins with
those words. :)
> I respectfully disagree.
We, the OpenSSL dev team, all do. The release strategy document is the strong
consensus of the entire team.
--
Principal Security Engineer,
On 28/12/14 00:31, Jakob Bohm wrote:
> On 24-12-2014 00:49, Matt Caswell wrote:
>> -BEGIN PGP SIGNED MESSAGE-
>> Hash: SHA1
>>
>> You will have noticed that the OpenSSL 1.0.0 End Of Life Announcement
>> contained a link to the recently published OpenSSL Release Strategy that
>> is availab
On Sun, Dec 28, 2014 at 01:31:38AM +0100, Jakob Bohm wrote:
> 3. The 1.0.x binary compatibility promise seems to not have been
> completely kept. As recently as just this December, As a practical
> example: I had an OS upgrade partially fail due to the presence of
> a self-compiled up to date 1
Thanks for the detailed and thoughtful reply.
I just want to emphasize that it was not a hasty decision; we talked about it a
great deal, and we discussed the impacts as best as we could.
Our minds are pretty made up. Not everyone will be happy with all aspects.
Luckily, they have the source
On 24-12-2014 00:49, Matt Caswell wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
You will have noticed that the OpenSSL 1.0.0 End Of Life Announcement
contained a link to the recently published OpenSSL Release Strategy that
is available here:
https://www.openssl.org/about/releasestrat.html
> Where's a good place to propose them? Here's what I currently use:
Well, watch the openssl-dev list. Check on master periodically. No specific
plans yet other than the preview release.
> Generate a key pair and return n,p,q,d
> Generate the public key structure from n,e Generate the private
On 12/24/2014 5:46 PM, Jeffrey Walton wrote:
Here's another counterpoint: when those structures are made opaque,
that means we have to go to the memory manager for a struct that could
otherwise be stack based. And we have to free it. That can slow things
down considerably.
My intuition says th
On 12/24/2014 4:35 PM, Salz, Rich wrote:
1 - Will the RSA structure be opaque? I have a continuing need to construct
an RSA structure from binary arrays of public and private key parts and vice
versa.
Will I lose that?
Maybe. Proposing new "constructors" that met your needs is probably a goo
> What I'd find useful would be a branch for me to test with
Well, the release doc says our goal is year-end release with a previous
mid-year. Once 1.0.2 goes out, I would assume that 'master' will get a lot of
activity in that area, and you can try with that.
>Note that I think the goal of m
> But I despise having to go to the
> memory manager for something like a BN_CTX that could live on the stack.
Sorry, but that's the way it's gonna be. There are plenty of things to despise
in OpenSSL, I wouldn't have put "must allocate structures from the heap"
anywhere near the top of my list
On Wed, Dec 24, 2014 at 4:55 PM, Dr. Stephen Henson wrote:
> On Wed, Dec 24, 2014, Ken Goldman wrote:
>
>> >Version 1.1.0 will (moderately) break source compatibility (for example we
>> >will make most structures opaque etc).
>>
>> I as a user, I have two points of concern"
>>
>> 1 - Will the RSA
What I'd find useful would be a branch for me to test with so that I can
let you know areas where we're having to get into the guts of an openssl
structure right now that will be opaque in future. IIRC last time I tried
using the define to minimise the exposed api (I forget what it was called)
ther
On Wed, Dec 24, 2014, Ken Goldman wrote:
> >Version 1.1.0 will (moderately) break source compatibility (for example we
> >will make most structures opaque etc).
>
> I as a user, I have two points of concern"
>
> 1 - Will the RSA structure be opaque? I have a continuing need to
> construct an R
> 1 - Will the RSA structure be opaque? I have a continuing need to construct
> an RSA structure from binary arrays of public and private key parts and vice
> versa.
>
> Will I lose that?
Maybe. Proposing new "constructors" that met your needs is probably a good
thing to do.
> 2 - The SHA con
Version 1.1.0 will (moderately) break source compatibility (for example we will
make most structures opaque etc).
I as a user, I have two points of concern"
1 - Will the RSA structure be opaque? I have a continuing need to
construct an RSA structure from binary arrays of public and private k
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
You will have noticed that the OpenSSL 1.0.0 End Of Life Announcement
contained a link to the recently published OpenSSL Release Strategy that
is available here:
https://www.openssl.org/about/releasestrat.html
I have put up a blog post on the thinkin
20 matches
Mail list logo
