[Cryptography-dev] Ancient OpenSSL Support

Paul Kehrer paul.l.kehrer at gmail.com
Sun Mar 9 22:51:06 CET 2014


A user filed an issue today asking us to support 0.9.8b (https://github.com/pyca/cryptography/issues/727#issuecomment-37133554), which shipped in Fedora 8 (apparently used by http://www.planet-lab.org). The patch is actually very small, but we don’t have CI coverage for any distribution using OpenSSL that ancient (Fedora 8 was released 7 years ago and has been out of support for over 5). I’m also concerned that this sets a precedent where we’ll have difficulty *ever* removing support for an OpenSSL version (and the 0.9.8e patches would be very nice to remove in a few years).

So, what do we want to do here? I’m -1 on landing it and claiming it as an officially supported version, but -0.5 on landing it with no guarantees of future functionality since we’re not testing against it.

On a related note, we should probably document our official minimum OpenSSL version somewhere in the docs (currently 0.9.8e).

-Paul  

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/cryptography-dev/attachments/20140309/759b2e65/attachment.html>


More information about the Cryptography-dev mailing list