We are pleased to announce that our new release, Mbed TLS 2.16.0 will now become the basis of our next LTS (Long Term Support) branch, and that we will continue to maintain this branch for the next 3 years until at least the end of 2021.
Maintaining the library interface
During that period, we will maintain the API (Application Programming Interface) to be source code compatible, and maintain the ABI (Application Binary Interface), to ensure that users of the library can make the minimum of changes to their own software to ensure against regressions being introduced into their application software.
No new features will be introduced, and the API will not be changed or extended, unless required by significant security issues or issues of interoperability with other vendors TLS stacks.
Given we plan to add no new features into the Mbed TLS 2.16 branch, those designing Mbed TLS into embedded systems, should be assured that your design can accept newer versions of the library on this branch without significant changes in its code or RAM requirements.
For those who need consistency in the interface, and to avoid breaking changes in the interface, we recommend using the Long Term Support branches, to ease maintenance of your own code and of adoption of new security features. The main development branches do contain new features, but they also do not guarantee the stability of the API.
Mbed TLS 2.7
In addition to Mbed TLS 2.16 as a Long Term Support branch, we are pleased to state that we are still committed to maintaining Mbed TLS 2.7, and will continue to do so until until at least February 2021.
Again, we will continue the policy of maintaining the API and ABI as far as possible, and of adding no new features, to ensure against regressions and to maintain a similar code and RAM footprint.
End of life for Mbed TLS 2.1
Mbed TLS 2.1.0 was first shipped on 4th September 2015, and has come to the end of its life. Mbed TLS 2.1.18 will be the last release of the 2.1 branch, and no further releases will be made.
If any new security vulnerabilities are found in Mbed TLS 2.1, users may be left vulnerable as this branch will no longer be maintained, therefore we recommend all existing users of Mbed TLS 2.1 should now upgrade to a later version of Mbed TLS wherever possible.
No further pull requests to the Mbed TLS 2,1 branch can be accepted. Should users find any issues in Mbed TLS 2.1, they are welcome to report them and record them on GitHub for the benefit of others.
We will also continue to extend and expand Mbed TLS from the next version onwards. Future versions of Mbed TLS outside the LTS (Long Term Support) branches will continue to receive new features and capabilities.
What do you think about this? We’d love to hear your feedback. Let us and other users of the library know your views through the Mbed TLS forum here.