Skip to content

Commit d89da80

Browse files
committed
Convert issue on guidance on deprecated/experimental crypto.
1 parent 40495b5 commit d89da80

File tree

1 file changed

+8
-9
lines changed

1 file changed

+8
-9
lines changed

index.html

Lines changed: 8 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -2526,6 +2526,14 @@ <h3>Protecting Application Developers</h3>
25262526
application developer population is to be discouraged.
25272527
</li>
25282528
<li>
2529+
Cryptographic library implementers can provide deprecated and experimental
2530+
cryptographic functionality, but are advised to do so in a way where the
2531+
libraries do not enable such functionality unless explicitly requested by the
2532+
developer, such as via a library option, and if enabled, the library produces
2533+
warnings that deprecated or experimental cryptography has been enabled for the
2534+
application.
2535+
</li>
2536+
<li>
25292537
Application developers are advised to choose from a number of pre-set
25302538
cryptography library configurations and to avoid modifying cryptographic
25312539
options and parameters, or using experimental or deprecated cryptography.
@@ -2539,15 +2547,6 @@ <h3>Protecting Application Developers</h3>
25392547
fully understand the balancing benefits and drawbacks of each option.
25402548
</p>
25412549

2542-
<p class="issue"
2543-
title="Use of experimental and deprecated cryptography">
2544-
The VCWG is seeking guidance on adding language to allow the use of experimental
2545-
or deprecated cryptography. By default, those features will be disabled and will
2546-
require the application developer to specifically allow use on a per-cryptographic suite
2547-
basis. There will be requirements for all implementing libraries to throw errors
2548-
or warnings when deprecated or experimental options are selected without the
2549-
appropriate override flags.
2550-
</p>
25512550
</section>
25522551

25532552
<section>

0 commit comments

Comments
 (0)