Author ned.deily
Recipients alex, dstufft, jeremy.kloth, larry, lemburg, ned.deily, pitrou, python-dev, steve.dower, zach.ware
Date 2015-04-13.23:36:47
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1428968207.63.0.941464197975.issue23686@psf.upfronthosting.co.za>
In-reply-to
Content
I don't have a really strong feeling one way or the other.  It's not a big issue for the OS X installers as this only affects the much-less-used 32-bit-only installer for old systems.  So this is really primarily an issue affecting the Windows installers.  I guess one could argue that 1.0.2 is the current path forward for OpenSSL particularly over the support lifetime of 3.5.0 and there will be ample opportunity to update as necessary whatever version of the OpenSSL is included, both prior to the 3.5.0 release date and afterwards but there is something to be said for being a bit conservative wrt new OpenSSL release branches.  I think it would be good to solicit the opinion of the other core developers interested in security and the Windows installers and let Larry make the call, if necessary.

Alex, Donald, Antoine, Steve: any comments on shipping 1.0.1x vs 1.0.2x? 


> https://github.com/openssl/openssl/pull/218
> (certificate expiry checks not working)

That issue appears to have been fixed in 1.0.2a, no?
History
Date User Action Args
2015-04-13 23:36:47ned.deilysetrecipients: + ned.deily, lemburg, pitrou, larry, alex, jeremy.kloth, python-dev, zach.ware, steve.dower, dstufft
2015-04-13 23:36:47ned.deilysetmessageid: <1428968207.63.0.941464197975.issue23686@psf.upfronthosting.co.za>
2015-04-13 23:36:47ned.deilylinkissue23686 messages
2015-04-13 23:36:47ned.deilycreate