Hi Nicolas,
please also read the FAQ on www.openbsd.org.
Nicolas Letellier schrieb am Wed, Jan 02, 2008 at 10:50:43PM +0100:
> If I want the last packages/ports, I use a -current system, with

quoted text
> -current ports tree.  Last updates of softwares are in -current.

Right.
> On the other hand, they're developpement versions,
No, mostly wrong.

The ports in the -current ports tree are usually ports of stable

upstream releases.  That's actually an established policy.
There are some exceptions where upstream development versions

get built by the ports tree, for example given any of the following

conditions:
 - lack of any stable upstream distribution

 - stable upstream distribution hopelessly outdated

   and upstream development distribution reasonably solid

 - vastly different upstream stable and dev distributions

   and considerable interest to have each of them available
> If I want a *very* stable system (in production for example),

quoted text
> I use -release or -stable system.

You can also use -current snapshots.

It requires a bit more experience (ability to act when it's needed,

and ability to realize when action is needed), and a bit more work

(slightly more frequent upgrades, say half a doven or a dozen times

a year instead of twice a year).
> On the other hand, packages and ports are not updated even it's

quoted text
> necessary (for example, the last mozilla-firefox is in 2.0.0.6

> in ports tree -release and 2.0.0.10 in -current port tree).

If you build a specialized server running two or three daemons,

watch the relevant commits, understand them and backport them

yourself when needed.  In many cases, the task of backporting

one single ports security fix to -stable is manageable.

In case you fail, pay someone for doing that particular job for

you (in case you know any IT consultant with sufficient

programming skills).
If you build a desktop system requiring 327639245120 packages,

personally, IN THE CURRENT EXCEPTIONAL SITUATION, i would suggest

to just run a -current snapshot.  Should the -stable ports tree

ever get resurrected (which could hopefully happen), i shall

not uphold that suggestion.
> If I use openbsd, it's for security and stability.

quoted text
> Or, I must do a choice between:

> * stability (-stable, -release)

No, you never run -release.  That's not secure.

You run -current, -stable or -release+patches.
> with no security updates of packages/ports,

quoted text
> * security (-current) with a less stability.

>

> Why does OpenBSD team not make a -stable branch of the port tree ?

> It's necessary to security.

> What method does recommend to have updated applications

> in -stable or -release ?

That's a frequently answered question, read the archives and take

care not to get yourself flamed.
In a nutshell:  OpenBSD is a system maintained by a bunch of people

for their own enjoyment and use.  For those people, the developers,

there is no choice between security and stability, they just run

-current, so they get BOTH security and stability - or else, in case

they break the CVS, they will be gently shot down by Theo.  ;-) 
Popularity is not among the OpenBSD project goals.

That it's an excellent system for non-developers to use, too,

is mostly a fortunate accident - even though that's not a matter

of luck, but a direct, necessary consequence of the project goals

and the team sticking to them, of course.