From: Mark Hatle <mark.hatle@windriver.com>
To: Khem Raj <raj.khem@gmail.com>
Cc: "Gupta, Rahul KumarXX" <rahul.kumarxx.gupta@intel.com>,
"openembedded-core@lists.openembedded.org"
<openembedded-core@lists.openembedded.org>
Subject: Re: openssl: OpenSSL 1.1.x update
Date: Thu, 6 Oct 2016 10:39:53 -0500 [thread overview]
Message-ID: <89015693-dfeb-5b47-7c2b-386c85571dec@windriver.com> (raw)
In-Reply-To: <4F081825-2EC8-4F85-9E55-1E24F215723D@gmail.com>
On 10/6/16 10:22 AM, Khem Raj wrote:
>
>> On Oct 6, 2016, at 7:21 AM, Mark Hatle <mark.hatle@windriver.com> wrote:
>>
>> On 10/5/16 9:59 PM, Khem Raj wrote:
>>> On Wed, Oct 5, 2016 at 7:33 PM, Mark Hatle <mark.hatle@windriver.com> wrote:
>>>> On 10/5/16 9:11 PM, Tan, Raymond wrote:
>>>>> Greetings, I would like to know if there is any plan / schedule to upgrade to openssl 1.1.0 into OE-core?
>>>>
>>>> Currently 1.0.2 is the LTS version of OpenSSL. 1.1.0 is not scheduled to be LTS.
>>>>
>>>> For the upcoming release (soon), I would NOT expect 1.1.0 to be in it. There
>>>> are still too many incompatibilities with other components.
>>>>
>>>> For the next version of OE, I think it is appropriate to include 1.1.0, but I
>>>> would also like to maintain 1.0.2 for the time being. (Beside LTS, it also is
>>>> still the only way to have FIPS-140-2 module, as there is currently no module in
>>>> the 1.1.0 -- and there may not be for a while.)
>>>
>>> What do we get with 1.1.0 ?
>>
>> Latest and greatest code of course.. :)
>>
>> Reality, not a lot more over 1.0.2... there are some significant redesigns that
>> should help improve overall security of the OpenSSL library and items using the
>> library. But various things will have to be updated to make use of this.
>>
>> The OpenSSL community itself is looking at 1.1.0 as a transition to newer and
>> better design/api/etc... which is why it is not marked as a LTS release.
>
> api changes can be a bothersome point from integration POV, do we know if there
> are some forwarded porting incompatibilities in APIs already?
I have not investigated it, as my focus has been on the LTS version at this point.
--Mark
>>
>> Beside my basic understanding (above) there should be information as part of the
>> 1.1.0 release notes.
>>
>> --Mark
>>
>>>>
>>>> --Mark
>>>>
>>>>> Thanks!
>>>>>
>>>>> Raymond Tan
>>>>>
>>>>
>>>> --
>>>> _______________________________________________
>>>> Openembedded-core mailing list
>>>> Openembedded-core@lists.openembedded.org
>>>> http://lists.openembedded.org/mailman/listinfo/openembedded-core
>>
>
next prev parent reply other threads:[~2016-10-06 15:39 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-10-06 2:11 openssl: OpenSSL 1.1.x update Tan, Raymond
2016-10-06 2:33 ` Mark Hatle
2016-10-06 2:59 ` Khem Raj
2016-10-06 14:21 ` Mark Hatle
2016-10-06 15:22 ` Khem Raj
2016-10-06 15:39 ` Mark Hatle [this message]
2016-10-13 10:35 ` Tan, Raymond
2016-10-13 10:49 ` Hatle, Mark
2016-12-13 16:00 ` Alexander Kanavin
2016-10-06 2:44 ` Paul Eggleton
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=89015693-dfeb-5b47-7c2b-386c85571dec@windriver.com \
--to=mark.hatle@windriver.com \
--cc=openembedded-core@lists.openembedded.org \
--cc=rahul.kumarxx.gupta@intel.com \
--cc=raj.khem@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox