Comment 2 for bug 958430

Colin Watson (cjwatson) wrote :

While I know a number of people are interested in support for newer versions of TLS, my motivation for this FFe is that we've had commercial requests to backport performance work for newer Intel processors from the 1.0.1 branch. I attempted this a while back. The result was an improvement for most algorithms, but a 36% regression for RC4. At this point I have run out of my comfort zone for backporting OpenSSL patches: it's not at all obvious how they're intertwined, and I am concerned that an amateur backport attempt could easily introduce security problems. I'm a lot more comfortable with the idea of just using 1.0.1, especially since it's in Debian unstable now.

I have a merge prepared and ready to go. Preview temporarily here: