@@ -6,9 +6,8 @@ At any point in time, we have a number of maintained branches, currently consist
66 this always contains the latest release, including all publicly available
77 security fixes.
88- The [ ` development ` ] ( https://github.com/Mbed-TLS/mbedtls/tree/development ) branch:
9- this is where the next major version of Mbed TLS (version 4.0) is being
10- prepared. It has API changes that make it incompatible with Mbed TLS 3.x,
11- as well as all the new features and bug fixes and security fixes.
9+ this is where the next minor version of Mbed TLS 4.x is prepared. It contains
10+ new features, bug fixes, and security fixes.
1211- One or more long-time support (LTS) branches: these only get bug fixes and
1312 security fixes. Currently, the supported LTS branches are:
1413- [ ` mbedtls-3.6 ` ] ( https://github.com/Mbed-TLS/mbedtls/tree/mbedtls-3.6 ) .
@@ -19,7 +18,7 @@ These branches will not receive any changes or updates.
1918
2019We use [ Semantic Versioning] ( https://semver.org/ ) . In particular, we maintain
2120API compatibility in the ` main ` branch across minor version changes (e.g.
22- the API of 3 .(x+1) is backward compatible with 3 .x). We only break API
21+ the API of 4 .(x+1) is backward compatible with 4 .x). We only break API
2322compatibility on major version changes (e.g. from 3.x to 4.0). We also maintain
2423ABI compatibility within LTS branches; see the next section for details.
2524
@@ -66,25 +65,6 @@ crypto that was found to be weak) may need to be changed. In case security
6665comes in conflict with backwards compatibility, we will put security first,
6766but always attempt to provide a compatibility option.
6867
69- ## Backward compatibility for the key store
70-
71- We maintain backward compatibility with previous versions of the
72- PSA Crypto persistent storage since Mbed TLS 2.25.0, provided that the
73- storage backend (PSA ITS implementation) is configured in a compatible way.
74- We intend to maintain this backward compatibility throughout a major version
75- of Mbed TLS (for example, all Mbed TLS 3.y versions will be able to read
76- keys written under any Mbed TLS 3.x with x <= y).
77-
78- Mbed TLS 3.x can also read keys written by Mbed TLS 2.25.0 through 2.28.x
79- LTS, but future major version upgrades (for example from 2.28.x/3.x to 4.y)
80- may require the use of an upgrade tool.
81-
82- Note that this guarantee does not currently fully extend to drivers, which
83- are an experimental feature. We intend to maintain compatibility with the
84- basic use of drivers from Mbed TLS 2.28.0 onwards, even if driver APIs
85- change. However, for more experimental parts of the driver interface, such
86- as the use of driver state, we do not yet guarantee backward compatibility.
87-
8868## Long-time support branches
8969
9070For the LTS branches, additionally we try very hard to also maintain ABI
0 commit comments