On Fri, Sep 9, 2016 at 8:26 AM, Pfluegl, Andreas wrote:
> We started using OpenSSL in 2010 for Windows and Linux. We gladly followed
> the release strategy suggestion, as it allowed us to deliver patches without
> recompiling our code. So we still compile and link our code
We started using OpenSSL in 2010 for Windows and Linux. We gladly followed the
release strategy suggestion, as it allowed us to deliver patches without
recompiling our code. So we still compile and link our code against 1.0.0 while
delivering the current 1.0.2x versions (which by the way works
On 28/12/2014 12:26, Kurt Roeckx wrote:
On Sun, Dec 28, 2014 at 01:31:38AM +0100, Jakob Bohm wrote:
3. The 1.0.x binary compatibility promise seems to not have been
completely kept. As recently as just this December, As a practical
example: I had an OS upgrade partially fail due to the
On 29/12/2014 01:37, Matt Caswell wrote:
On 28/12/14 00:31, Jakob Bohm wrote:
On 24-12-2014 00:49, Matt Caswell wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
You will have noticed that the OpenSSL 1.0.0 End Of Life Announcement
contained a link to the recently published OpenSSL Release
On Sun, Dec 28, 2014 at 01:31:38AM +0100, Jakob Bohm wrote:
3. The 1.0.x binary compatibility promise seems to not have been
completely kept. As recently as just this December, As a practical
example: I had an OS upgrade partially fail due to the presence of
a self-compiled up to date
On 28/12/14 00:31, Jakob Bohm wrote:
On 24-12-2014 00:49, Matt Caswell wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
You will have noticed that the OpenSSL 1.0.0 End Of Life Announcement
contained a link to the recently published OpenSSL Release Strategy that
is available here:
For comparison, Microsoft
I'm not quite sure how we should respond to any paragraph that begins with
those words. :)
I respectfully disagree.
We, the OpenSSL dev team, all do. The release strategy document is the strong
consensus of the entire team.
--
Principal Security Engineer,
On 24-12-2014 00:49, Matt Caswell wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
You will have noticed that the OpenSSL 1.0.0 End Of Life Announcement
contained a link to the recently published OpenSSL Release Strategy that
is available here:
Thanks for the detailed and thoughtful reply.
I just want to emphasize that it was not a hasty decision; we talked about it a
great deal, and we discussed the impacts as best as we could.
Our minds are pretty made up. Not everyone will be happy with all aspects.
Luckily, they have the source
Where's a good place to propose them? Here's what I currently use:
Well, watch the openssl-dev list. Check on master periodically. No specific
plans yet other than the preview release.
Generate a key pair and return n,p,q,d
Generate the public key structure from n,e Generate the private
On 12/24/2014 4:35 PM, Salz, Rich wrote:
1 - Will the RSA structure be opaque? I have a continuing need to construct
an RSA structure from binary arrays of public and private key parts and vice
versa.
Will I lose that?
Maybe. Proposing new constructors that met your needs is probably a good
On 12/24/2014 5:46 PM, Jeffrey Walton wrote:
Here's another counterpoint: when those structures are made opaque,
that means we have to go to the memory manager for a struct that could
otherwise be stack based. And we have to free it. That can slow things
down considerably.
My intuition says
Version 1.1.0 will (moderately) break source compatibility (for example we will
make most structures opaque etc).
I as a user, I have two points of concern
1 - Will the RSA structure be opaque? I have a continuing need to
construct an RSA structure from binary arrays of public and private
1 - Will the RSA structure be opaque? I have a continuing need to construct
an RSA structure from binary arrays of public and private key parts and vice
versa.
Will I lose that?
Maybe. Proposing new constructors that met your needs is probably a good
thing to do.
2 - The SHA contexts
On Wed, Dec 24, 2014, Ken Goldman wrote:
Version 1.1.0 will (moderately) break source compatibility (for example we
will make most structures opaque etc).
I as a user, I have two points of concern
1 - Will the RSA structure be opaque? I have a continuing need to
construct an RSA
What I'd find useful would be a branch for me to test with so that I can
let you know areas where we're having to get into the guts of an openssl
structure right now that will be opaque in future. IIRC last time I tried
using the define to minimise the exposed api (I forget what it was called)
On Wed, Dec 24, 2014 at 4:55 PM, Dr. Stephen Henson st...@openssl.org wrote:
On Wed, Dec 24, 2014, Ken Goldman wrote:
Version 1.1.0 will (moderately) break source compatibility (for example we
will make most structures opaque etc).
I as a user, I have two points of concern
1 - Will the
But I despise having to go to the
memory manager for something like a BN_CTX that could live on the stack.
Sorry, but that's the way it's gonna be. There are plenty of things to despise
in OpenSSL, I wouldn't have put must allocate structures from the heap
anywhere near the top of my list :)
What I'd find useful would be a branch for me to test with
Well, the release doc says our goal is year-end release with a previous
mid-year. Once 1.0.2 goes out, I would assume that 'master' will get a lot of
activity in that area, and you can try with that.
Note that I think the goal of
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
You will have noticed that the OpenSSL 1.0.0 End Of Life Announcement
contained a link to the recently published OpenSSL Release Strategy that
is available here:
https://www.openssl.org/about/releasestrat.html
I have put up a blog post on the
20 matches
Mail list logo