Mbed TLS has supported Windows as a primary platform for a long time, evolving our support for it as we go. Providing support for such a popular platform has surprised us in the past, as there are users who are making use of Mbed TLS with some very old versions of Microsoft Windows where only older versions of the TLS protocol may be available natively.
Mbed TLS can only work on Windows with proper integration into the platform, including integration into its standard library functions and the cryptographically secure random generator provided by the operating system.
It’s great to be able to enable users on older versions of Microsoft Windows who may not have many other options, but supporting older versions can come at the cost of fully supporting newer versions too. Microsoft Windows is a constantly evolving platform, and we have now found some of the support we have for older versions of Windows no longer works on the new platforms, as described in issue #966.
Rather than fork our own support of Windows into ‘legacy support’ and ‘modern support’, we have decided to update our integration with Windows, and from the next feature version of Mbed TLS, version 2.8.0, we will only support Microsoft Windows 7 and later, which will mean moving to the more modern API.
The support in our LTS (Long Term Support) branches, versions 2.7 and 2.1 will remain the same, which will have the side effect that they do not fully support more modern versions of Microsoft Windows.
We will also continue to test with the same versions of Microsoft Visual Studio on all versions of Mbed TLS, for x86, x86-64 and ARM architectures, as well as with the mingw toolchain.
What do you think about this? We’d love to hear your feedback. Let us and other users of the library know your views through the Mbed TLS forum here.