Re: Open-SSL vs SSLeay v0.90

Tue, 12 Jan 1999 15:03:04 -0500 

At 11:40 AM 1/12/99 +0100, Ralf S. Engelschall wrote:

>OpenSSL 0.9.1c is the same as SSLeay, at least "optically", so you can use it
>without changes. For the forthcoming OpenSSL 0.9.2 Ben has to just add support
>to Apache-SSL for the new "openssl" binary.  For mod_ssl this is already done.
>More is usually not needed. Actually it will be the other way round:
>Supporting the old SSLeay versions gets harder when new features are present
>in OpenSSL. 

Thank you, I'll put it on the next production track.

>BTW, Apache 1.3.2 and Ben-SSL 1.25 are not the current versions.

Yes, I know this. However, it is the version in current MHSC production
machines. For production, we do not upgrade every version, unless there's a
CERT advisory on it. We go by the philosophy that reliability is paramount
over features and we test production binaries before placing them online.
We don't have the man-power to track-test all versions, of all the packages
we use, when they are released. When we upgrade, it is usually to the, then
current, version. Then it stays online until the next upgrade cycle. Our
upgrade cycles are every six to eight months, unless there's a CERT
advisory. Some internal use packages, like Samba, are on the"if it's not
broke, don't fix it" cycle and that is "samba-1.9.17p4", a little crufty
but servicable and it has caused no problems. The new PDC features are not
used here at MHSC.

Similarly, we saw no new major features in Apache v1.3.3 and no nasty bugs
in v1.3.2. We did see some churn with the Apache-SSL releases, which have
only recently died down.


___________________________________________________ 
Roeland M.J. Meyer - 
e-mail:                                      mailto:[EMAIL PROTECTED]
Internet phone:                                hawk.lvrmr.mhsc.com
Personal web pages:             http://staff.mhsc.com/~rmeyer
Company web-site:                           http://www.mhsc.com
___________________________________________________ 
I hold it, that a little rebellion, now and then, is a good thing...
                -- Thomas Jefferson


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to