-
Notifications
You must be signed in to change notification settings - Fork 125
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Remove boringssl interop testing #416
Comments
Where does it run, in the openssl's porject CI? |
Yes: Lines 97 to 124 in 5118e6e
|
Do we do the reverse direction of testing? I.e., BoringSSL's CI runs an OpenSSL interop? If so then I think that would suffice. |
No. This highlights the issue: BoringSSL's CI and interop testing is not at the same level as that of OQS-OpenSSL/oqsprovider. We (also therefore) once decided to "demote" it from "OQS-supported" status, but now seem to have reverted that decision in the interest of retaining Chromium demo-only support. This means a "second class/demo-only" BoringSSL can hold back (a whole chain of supported) OpenSSL use cases. So I'd suggest we either decide to "promote" BoringSSL again to "fully supported" (but then need to first do PRs for that before merging "breaking" My personal opinion is clear: Do (BoringSSL/OpenSSL) interop testing only in BoringSSL. |
I think that makes sense |
I agree, we are treating BoringSSL as a second-tier project for now, and we don't want its limitations to negatively impact first-tier projects like OpenSSL. So it also makes sense to put the onus of interop testing in BoringSSL. |
Given (oqs-)boringssl apparently does not receive the same level of "care and attention" as oqs-openssl111 would it be reasonable to remove the interop-test with it? It always breaks when algorithms get changed in
liboqs
without prior proper downstream preparation.The text was updated successfully, but these errors were encountered: