But I am not opposed to separate the 2 votes if that is perceived as better and we are ready to deal with the possible delays introduced in the development.
I am not entirely sure if this PR can be retriaged by OTC as not-blocking for the beta release, but that could also be an option to buy more time while we define a policy and then vote to accept or reject based on that. Nicola On Fri, Apr 9, 2021, 14:24 Nicola Tuveri <nic....@gmail.com> wrote: > I agree with what Tomàš said, and that is the reason why I convoluted them > in a single vote: we need to merge or reject the PR based on a policy, but > if we do 2 separate votes we risk to create delays in the already quite > loaded development cycles left! > > Nicola > > On Fri, Apr 9, 2021, 10:53 Tomas Mraz <to...@openssl.org> wrote: > >> On Fri, 2021-04-09 at 08:44 +0100, Matt Caswell wrote: >> > >> > On 08/04/2021 18:02, Nicola Tuveri wrote: >> > > Proposed vote text >> > > ================== >> > > >> > > Do not merge PR#14759, prevent declaring properties similar to >> > > `blinding=yes` or `consttime=yes` in our implementations and >> > > discourage 3rd parties from adopting similar designs. >> > >> > I think this vote tries to cover too much ground in a single vote. I >> > would prefer to see a simple vote of "Do not merge PR#14759" >> > *possibly* >> > followed up by separate votes on what our own policies should be for >> > provider implementations, and what we should or should not encourage >> > 3rd >> > parties to do. >> >> I disagree partially. IMO we should primarily have a policy vote and >> the closing or merging of PR#14759 should come out of it naturally. >> >> -- >> Tomáš Mráz >> No matter how far down the wrong road you've gone, turn back. >> Turkish proverb >> [You'll know whether the road is wrong if you carefully listen to your >> conscience.] >> >> >>
