Re: USA crypto rules and libssl-dependent packages
> On Mon, May 14, 2001 at 10:32:07AM +0200, Robert Bihlmeyer wrote:
>> Jimmy Kaplowitz <jimmy@kaplowitz.org> writes:
>>
>> > Choice 3: Just change the main althea package to include ssl
>> > support, and add to the package description and README.Debian
>> > notification to that effect, with instructions on how to get a
>> > non-SSL version built.
>>
*snip*
>
> I still am not sure what to do though, but I am leaning toward Choice
> 3. The biggest problem with that choice that I see now is that people
> who don't have non-US in their server list would never find out about
> my package, all because of the optionally-compiled-in IMAP-over-SSL
> support.
>
I think what I am going to do (unless anyone makes a blocking objection
before I have time to package the next release of althea) is choice 3, and I
will put all future releases of althea into non-US. Nevertheless, I do
have one small question. Should I, for the time being, leave the most recent
pre-SSL release in main until a security hole is found that applies to it,
at which point I should request its removal, so that people who don't use
non-US can still get some version of althea? Or would it be better for them
not to have any version than to have an old one? (Though there haven't yet
been many changes other than the SSL support.)
Again, I thank everyone who has contributed to this thread. I just looked at
it in the archives, and it's a big one. You've helped me make a reasonably
good decision, I hope.
- Jimmy Kaplowitz
jimmy@kaplowitz.org
Reply to: