2007/609 Alpine: Mail User Agent
James Carlson
james.d.carlson at Sun.COM
Mon Oct 22 04:45:56 PDT 2007
Darren J Moffat writes:
> The only way we can "fix" that is if OpenSSL stops breaking ABI (not
> just API) compatibility in what we would know as bug fix or patch releases.
I suspect there's a pretty big difference between depending on the
OpenSSL published interfaces and depending on the unfiltered guts of
the implementation.
It'd be nice if we could at least get a stability commitment for the
published interfaces, because OpenSSL -- not PKCS#11 -- is _the_
de-facto standard for dealing with encryption mechanisms. We're going
to see many more of these, not fewer, and the idea of having contracts
for each becomes less plausible with time.
> They don't do this lightly but it does happen and has happened recently
> - this is one of the reasons that an upgrade of OpenSSL version takes so
> long.
For what it's worth, we also obsolete interfaces and then change or
remove them. I think the root question here is whether there's notice
and if there's some way to avoid a broken build. As long as that
exists, I don't think the contract helps.
> That is why the ARC contract system is being used it allows the team
> that looks after OpenSSL in ONNV to contact all the other consumers and
> work with them on version upgrades that may cause issues.
I'll add a contract if that's what you want to see here, though I
think it's the wrong way forward.
--
James Carlson, Solaris Networking <james.d.carlson at sun.com>
Sun Microsystems / 35 Network Drive 71.232W Vox +1 781 442 2084
MS UBUR02-212 / Burlington MA 01803-2757 42.496N Fax +1 781 442 1677
More information about the opensolaris-arc
mailing list