Backward compatibility: the key store
Promise that we will keep supporting existing key store formats, at least
until a major version comes along.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
diff --git a/BRANCHES.md b/BRANCHES.md
index f3da882..ff23b7f 100644
--- a/BRANCHES.md
+++ b/BRANCHES.md
@@ -16,7 +16,7 @@
also maintain ABI compatibility within LTS branches; see the next section for
details.
-## Backwards Compatibility
+## Backwards Compatibility for application code
We maintain API compatibility in released versions of Mbed TLS. If you have
code that's working and secure with Mbed TLS x.y.z and does not rely on
@@ -50,6 +50,19 @@
For contributors, see the [Backwards Compatibility section of
CONTRIBUTING](CONTRIBUTING.md#backwards-compatibility).
+## Backward compatibility for the key store
+
+We maintain backward compatibility with previous versions of versions of the
+PSA Crypto persistent storage since Mbed TLS 2.25.0, provided that the
+storage backend (PSA ITS implementation) is configured in a compatible way.
+We intend to maintain this backward compatibilty throughout a major version
+of Mbed TLS (for example, all Mbed TLS 3.y versions will be able to read
+keys written under any Mbed TLS 3.x with x < y).
+
+Mbed TLS 3.x can also read keys written by Mbed TLS 2.25.0 through 2.28.x
+LTS, but future major version upgrades (for example from 2.28.x/3.x to 4.y)
+may require the use of an upgrade tool.
+
## Current Branches
The following branches are currently maintained: