We (the OpenSSL team) are considering a more aggressive EOL strategy. In particular, we may EOL 0.9.8 right now, and 1.0.0 when 1.0.2 comes out (currently in beta). Going forward we would only maintain two versions, so when 1.0.3 comes out, 1.0.1 would be EOL. What do people think about this?