oqs-provider support matrix

[vkosuri]

Do we have any support matrix published? If not, could you please publish a support matrix for each release tag of the oqs-provider

for example

oqs-provider	liboqs	openssl
0.7.0	0.11.0	3.0, 3.1, 3.2
0.6.0	0.10.0	3.1, 3.2, 3.0

[baentsch]

could you please publish a support matrix

No. Publishing such matrix would lead to wrong assumptions: oqsprovider is not supported in any sense of a product to begin with (see disclaimer) -- and certainly even less so against all downlevel liboqs versions it technically can build against: The project would take on many more obligations than just run this is CI, e.g., checking and handling security vulnerabilities in downlevel liboqs releases. This far exceeds the resources available to the project and its stated mission, namely to support experimentation and research (by people knowing what they do and get themselves into when combining different software versions).

Therefore, the only nominally "supported" version (combination) is stated in SECURITY.md and the respective release's RELEASE.md. Anything else requires a full re-build and happens at risk and responsibility of the entity doing it. Any Yes, I just discovered SECURITY.md is wrong (will be fixed by #544). So Thanks for bringing up the question @vkosuri .