On Thu, 20 Jun 2024 at 08:55, Mike Looijmans <mike.looijm...@topic.nl> wrote:
> Keep in mind that there are millions of released and installed systems out
> there. Their owners will get very, very angry if a software upgrade locks them
> out.
>
> Desktop distros may be able to bluntly disable some protocols, because there's
> always a user that has access and can patch things up, but embedded systems
> often offer no access whatsoever apart from the SSH interface, so there's no
> way to go in and "fix" it if something invalidates the keys on the system.
>
> Hence my vote is for option 3 and please ignore what the big distros do.
>
> Four years may seem long to some people. For embedded systems, that's just a
> normal number that "uptime" would return.

I'm not sure I understand your point. Pushing software updates to the field without first testing them locally is insane. If that practice bricks the devices, I have no sympathy for the vendor.

Second, a change like this will not happen in LTS. LTS doesn't (knowingly) break things, or add new features. In master, on the other hand, it can and it should happen: a big part of keeping things secure is disabling or removing insecure crypto. Various upstreams do this all the time, and I don't see why we can't.

Alex