Comment 10 for bug 1634609

It was in an IRC conversation between me and Steve Langasek, after getting the Security team's approval (via tyhicks, also on IRC) that re-vendorizing golang-go.crypto was okay in yakkety, given that it's not a LTS release, and that there is at least another package (definitely snapd, and probably also lxd) that vendorizes everything.

My immediate concern isn't in the effort of rebuilding every reverse-dependency of golang-go.crypto, but of the high potential for regression involved in getting this new crypto and rebuilding everything against it, in the context of juju-core which is a project that is expected to change a lot. There WILL be other SRUs of juju-core in the future, and I don't know if other updates of golang packages may be required.