Warm Regards, 

 Raymond Tan

> -----Original Message-----
> From: Mark Hatle [mailto:mark.ha...@windriver.com]
> Sent: Thursday, October 06, 2016 11:40 PM
> To: Khem Raj <raj.k...@gmail.com>
> Cc: Tan, Raymond <raymond....@intel.com>; openembedded-
> c...@lists.openembedded.org; Gupta, Rahul KumarXX
> <rahul.kumarxx.gu...@intel.com>
> Subject: Re: [OE-core] openssl: OpenSSL 1.1.x update
> 
> On 10/6/16 10:22 AM, Khem Raj wrote:
> >
> >> On Oct 6, 2016, at 7:21 AM, Mark Hatle <mark.ha...@windriver.com>
> wrote:
> >>
> >> On 10/5/16 9:59 PM, Khem Raj wrote:
> >>> On Wed, Oct 5, 2016 at 7:33 PM, Mark Hatle <mark.ha...@windriver.com>
> wrote:
> >>>> On 10/5/16 9:11 PM, Tan, Raymond wrote:
> >>>>> Greetings, I would like to know if there is any plan / schedule to 
> >>>>> upgrade
> to openssl 1.1.0 into OE-core?
> >>>>
> >>>> Currently 1.0.2 is the LTS version of OpenSSL.  1.1.0 is not scheduled 
> >>>> to be
> LTS.
> >>>>
> >>>> For the upcoming release (soon), I would NOT expect 1.1.0 to be in
> >>>> it.  There are still too many incompatibilities with other components.
> >>>>
> >>>> For the next version of OE, I think it is appropriate to include
> >>>> 1.1.0, but I would also like to maintain 1.0.2 for the time being.
> >>>> (Beside LTS, it also is still the only way to have FIPS-140-2
> >>>> module, as there is currently no module in the 1.1.0 -- and there
> >>>> may not be for a while.)
> >>>

This means earliest possible would be post morty? And 1.0.2 would still be 
maintained in there due to the LTS status?

The reason I'm checking is we are trying to integrate a new QAT openssl engine, 
which is developed for openssl 1.1.0. 

> >>> What do we get with 1.1.0 ?
> >>
> >> Latest and greatest code of course.. :)
> >>
> >> Reality, not a lot more over 1.0.2... there are some significant
> >> redesigns that should help improve overall security of the OpenSSL
> >> library and items using the library.  But various things will have to be
> updated to make use of this.
> >>
> >> The OpenSSL community itself is looking at 1.1.0 as a transition to
> >> newer and better design/api/etc... which is why it is not marked as a LTS
> release.
> >
> > api changes can be a bothersome point from integration POV, do we know
> > if there are some forwarded porting incompatibilities in APIs already?
> 
> I have not investigated it, as my focus has been on the LTS version at this 
> point.
> 
> --Mark
> 
> >>
> >> Beside my basic understanding (above) there should be information as
> >> part of the
> >> 1.1.0 release notes.
> >>
> >> --Mark
> >>
> >>>>
> >>>> --Mark
> >>>>
> >>>>> Thanks!
> >>>>>
> >>>>> Raymond Tan
> >>>>>
> >>>>
> >>>> --
> >>>> _______________________________________________
> >>>> Openembedded-core mailing list
> >>>> Openembedded-core@lists.openembedded.org
> >>>> http://lists.openembedded.org/mailman/listinfo/openembedded-core
> >>
> >

-- 
_______________________________________________
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

Reply via email to