On Tue, Dec 3, 2019 at 12:09 PM Michael Paquier <michael@paquier.xyz> wrote:
On Tue, Dec 03, 2019 at 10:10:57AM +0100, Magnus Hagander wrote: > Is 1.0.1 considered a separate major from 1.0.0, in this reasoning? Because > while retiring 1.0.0 should probably not be that terrible, 1.0.1 is still > in very widespread use on most long term supported distributions.
1.0.1 and 1.0.0 are two different major releases in the OpenSSL world, so my suggestion would be to cut support for everything which does not have TLSv1.2, meaning that we keep compatibility with 1.0.1 for a longer period.
Good, that's what I thought you meant :) And that makes it sound like a working plan to me.