On Tue, Jun 03, 2014 at 02:22:07PM +1000, Peter Waltenberg wrote:
>
> One of the uglier problems is that unless you can build/test on all the
> platforms on each change you'll almost certainly break platforms
> unexpectedly - that lack of hardware has been one of the long term problems
> and it's likely one of the inhibitors to cleanup as well.

There's a very simple solution to that problem, especially since we now have the support and attention of many hardware companies.

The rule should be very simple. If a company doesn't contribute either (a) exclusive, dedicated hardware, or (b) reliable, continuous access to hardware, it doesn't get supported by the OpenSSL developers. Period.

If it's not important for a company to provide access to hardware, then they can take on the support burdens of providing OpenSSL support to their platform, or clearly *they* don't care about the security of their users. And if they don't care, again, it's not fair to impose a security tax on the rest of the Internet.

(And especially in the case of embedded products, it's not enough that OpenSSL provide a new release with a security fix; the company needs to be willing to create a firmware load and get it to all of its 10 year old customers. And if they aren't willing to provide hardware to a critical infrastructure provider such as OpenSSL, it seems unlikely they will be creating a new firmware load anyway, so what's the point?)

The Linux kernel doesn't tie itself in knots wringing its hands about how it can't make forward progress because it might break, say, the m68k or alpha port. They continue to exist only because a number of m68k and alpha maintainers are sufficiently motivated to keep them alive, *and* the impact on the core code is largely nil. If a largely dead architecture or CPU started getting in the way of everyone else, it would either have to get fixed so it wasn't getting in the way, or it would be removed. (Which, for example, was the decision of the x86 maintainers over the fate of 80386 support.)

Cheers,

- Ted
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev@openssl.org
Automated List Manager                           majord...@openssl.org