On 2014-04-10 at 13:00:50 +0200, Michael Snoyman wrote: [...]
Third, The PvP doesn't actually *enforce* any requirements on dependencies. I can only see CAN, SHOULD, MAY in the section 3. On the other hand, you can find MUST in section "2 Versions numbers", and as far I'm concerned the tls/crypto ecosystem is following each requirements in this section.
Reading that section myself, I have to say I agree with Vincent's interpretation. It would seem therefore that the packages under question are in fact in compliance with the requirements of the PVP, and therefore there's no blocker to including tls in the platform in the future, regardless of how you interpret the HP's statement "we follow the Haskell Package Versioning Policy".
Just a thought: Maybe the requirement levels stated in the PVP in terms of may/should/must could benefit from a bit more formalization in terms of something like RFC2119. [RFC2119]: http://tools.ietf.org/html/rfc2119