File tree Expand file tree Collapse file tree 1 file changed +8
-9
lines changed Expand file tree Collapse file tree 1 file changed +8
-9
lines changed Original file line number Diff line number Diff line change @@ -2526,6 +2526,14 @@ <h3>Protecting Application Developers</h3>
2526
2526
application developer population is to be discouraged.
2527
2527
</ li >
2528
2528
< li >
2529
+ Cryptographic library implementers can provide deprecated and experimental
2530
+ cryptographic functionality, but are advised to do so in a way where the
2531
+ libraries do not enable such functionality unless explicitly requested by the
2532
+ developer, such as via a library option, and if enabled, the library produces
2533
+ warnings that deprecated or experimental cryptography has been enabled for the
2534
+ application.
2535
+ </ li >
2536
+ < li >
2529
2537
Application developers are advised to choose from a number of pre-set
2530
2538
cryptography library configurations and to avoid modifying cryptographic
2531
2539
options and parameters, or using experimental or deprecated cryptography.
@@ -2539,15 +2547,6 @@ <h3>Protecting Application Developers</h3>
2539
2547
fully understand the balancing benefits and drawbacks of each option.
2540
2548
</ p >
2541
2549
2542
- < p class ="issue "
2543
- title ="Use of experimental and deprecated cryptography ">
2544
- The VCWG is seeking guidance on adding language to allow the use of experimental
2545
- or deprecated cryptography. By default, those features will be disabled and will
2546
- require the application developer to specifically allow use on a per-cryptographic suite
2547
- basis. There will be requirements for all implementing libraries to throw errors
2548
- or warnings when deprecated or experimental options are selected without the
2549
- appropriate override flags.
2550
- </ p >
2551
2550
</ section >
2552
2551
2553
2552
< section >
You can’t perform that action at this time.
0 commit comments