What Erlang/OTP version should YXA 1.0 require?

Distributed Erlang over SSL is broken in R11B-3, R11B-4 and R11B-5. This 
feature is needed if you have more than one YXA application, and want 
their inter-node communication to be protected from eavesdropping.

A fix for this has been made available by Bruce Fitzsimons :


I can't count on there being an Erlang/OTP R11B-6 with the fix before 
EUC '07.

I see the following options :

   1) Release YXA 1.0 now, with a dependency on R11B-2.

   2) Release YXA 1.0 now, depending on R11B-5. Ship a patched version of
      ssl_prim with it, that gets added first in the code path - thus
      fixing the problem in R11B-5 (will break if a distro ships R11B-5
      with some other change to ssl_prim).

   3) Release YXA 1.0 now, depending on R11B-2. Provide a patch that
      accomplishes the same thing as option #2.

   4) Wait with YXA 1.0 until R11B-6 is released (and hope the problem is
      fixed in R11B-6).

What do you think I should do? Number 1 and 3 are of course the easy 
ones for me, if I still want to get YXA 1.0 out before EUC '07 (which I do).


Yxa-devel mailing list

Reply via email to