[Cryptography-dev] Ancient OpenSSL Support
Terry Chia
terrycwk1994 at gmail.com
Mon Mar 10 01:16:15 CET 2014
-1 on this because Fedora is supposed to be a bleeding edge distribution
with a 6 month upgrade cycle. We shouldn't be supporting ancient versions
of it.
The patch is small enough that the user can get it to work and maintain it
on his own if he really needs to. I don't think it's a good idea to be
landing the patch without officially supporting it because it *might*
confuse some people.
+1 on documenting the supported OpenSSL versions.
On Mon, Mar 10, 2014 at 5:51 AM, Paul Kehrer <paul.l.kehrer at gmail.com>wrote:
> A user filed an issue today asking us to support 0.9.8b (
> https://github.com/pyca/cryptography/issues/727#issuecomment-37133554),
> which shipped in Fedora 8 (apparently used by http://www.planet-lab.org).
> The patch is actually very small, but we don't have CI coverage for any
> distribution using OpenSSL that ancient (Fedora 8 was released 7 years ago
> and has been out of support for over 5). I'm also concerned that this sets
> a precedent where we'll have difficulty *ever* removing support for an
> OpenSSL version (and the 0.9.8e patches would be very nice to remove in a
> few years).
>
> So, what do we want to do here? I'm -1 on landing it and claiming it as an
> officially supported version, but -0.5 on landing it with no guarantees of
> future functionality since we're not testing against it.
>
> On a related note, we should probably document our official minimum
> OpenSSL version somewhere in the docs (currently 0.9.8e).
>
> -Paul
>
> _______________________________________________
> Cryptography-dev mailing list
> Cryptography-dev at python.org
> https://mail.python.org/mailman/listinfo/cryptography-dev
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/cryptography-dev/attachments/20140310/173d00a7/attachment.html>
More information about the Cryptography-dev
mailing list