On Tue, Aug 14, 2018 at 12:16:25PM +0000, Salz, Rich wrote: > I think we should revert https://github.com/openssl/openssl/pull/2668 > > The stricter RFC compliance turns out to impact many certs embedded in > devices. Some estimates had thousands to millions. It affects interop with > IAIK and Bouncy Castle. > > I looked at the code, and tried to figure out how to just relax the > fractional second code, but it wasn’t obvious. There is also a testcase that > would need to be modified. And finally, it’s not clear that the seconds are > the only compatibility issue we would be introducing. > > Unfortunately, this turns out to be a big breaking change, and doesn’t seem > right for a dot release.
This seems to have been done in both the 1.0.2 and 1.1.0 after the release. Do you want to revert it in both branches, but keep it in 1.1.1? Or only revert it in 1.0.2? Kurt _______________________________________________ openssl-project mailing list [email protected] https://mta.openssl.org/mailman/listinfo/openssl-project
