[openssl-commits] [web] master update
Richard Levitte
levitte at openssl.org
Tue Oct 25 16:15:26 UTC 2016
The branch master has been updated
via 3e72a62c4a0bd69e5f2b4380dd070e5587e2c201 (commit)
via f490f29fd1fe31a0ffd360e818794e9c50a50db7 (commit)
from 1bb9590bf583f21dc71b0adf83062f38e589644e (commit)
- Log -----------------------------------------------------------------
commit 3e72a62c4a0bd69e5f2b4380dd070e5587e2c201
Author: Richard Levitte <levitte at openssl.org>
Date: Fri Oct 7 13:59:43 2016 +0200
Install the new roadmap, saving away the old
commit f490f29fd1fe31a0ffd360e818794e9c50a50db7
Author: Richard Levitte <levitte at openssl.org>
Date: Fri Oct 7 07:25:03 2016 +0200
New roadmap and platform policy
-----------------------------------------------------------------------
Summary of changes:
policies/roadmap_2015-2016.html | 421 ++++++++++++++++++++++++++++++++++++++++
1 file changed, 421 insertions(+)
create mode 100644 policies/roadmap_2015-2016.html
diff --git a/policies/roadmap_2015-2016.html b/policies/roadmap_2015-2016.html
new file mode 100644
index 0000000..133584a
--- /dev/null
+++ b/policies/roadmap_2015-2016.html
@@ -0,0 +1,421 @@
+<!DOCTYPE html>
+<html lang="en">
+<!--#include virtual="/inc/head.shtml" -->
+
+<body>
+<!--#include virtual="/inc/banner.shtml" -->
+
+<div id="main">
+ <div id="content">
+ <div class="blog-index">
+ <article>
+ <header>
+ <h2>Project Roadmap</h2>
+ <h5>
+ First issued 30th June 2014<br/>
+ Last modified 8th August 2015
+ </h5>
+ </header>
+
+ <div class="entry-content">
+ <p>
+ This document is intended to outline the OpenSSL project
+ roadmap. It is a living document and is expected to change
+ over time. Objectives and dates should be considered
+ aspirational.</p>
+ <p>
+ The OpenSSL project is increasingly perceived as slow-moving
+ and insular. This roadmap will attempt to address this by
+ setting out some objectives for improvement, along with
+ defined timescales.</p>
+
+ <h3><a name='toc'>Table of Contents:</a></h3>
+
+ <ol>
+ <li><a href="#current">Current Issues</a></li>
+ <li><a href="#objectives">Objectives</a></li>
+ <li><a href="#forthcoming">Forthcoming Features</a></li>
+ <li><a href="#update">Roadmap Update History</a></li>
+ </ol></p>
+ <p> </p>
+
+
+ <h3><a name="current">Current Issues</a> <a href="#toc"><img src="/img/up.gif"/></a></h3>
+ <p>
+ The OpenSSL project is currently experiencing a number of issues.
+ These are:</p>
+ <ol>
+ <li><em>RT Backlog</em><br/>
+ Over a period of some considerable time open tickets have
+ been building up in RT (our bug tracking system) to the
+ point that now there are a very significant number of
+ them. A large proportion of these issues have been open
+ for years. Some of these have in fact been dealt with and
+ should be closed, but this has not been recorded in the
+ system. Most however have not been looked at.
+ </li>
+ <li><em>Incomplete/incorrect documentation</em><br/>
+ Documentation of OpenSSL is patchy at best. Some areas are
+ well documented, while many others suffer from incomplete
+ or incorrect documentation. There are also many areas
+ which have no documentation at all.
+ </li>
+ <li><em>Library complexity</em><br/>
+ The OpenSSL libraries and applications are complex,
+ both from a maintainer's perspective and from a user's
+ perspective. The public API contains many things which
+ should probably be internal. The code has been ported
+ to a large number of platforms, many of which are no
+ longer relevant to us today, and this complicates the
+ codebase. Some parts of the code have been in place for
+ a very long time, and are in need of a refresh. It is
+ further complicated by the support for FIPS.
+ This complexity causes maintenance problems, and
+ can also be the source of obscure and difficult to spot
+ security vulnerabilities. It can also make users' lives
+ much more difficult especially when combined with (2)
+ above.
+ The current memory management code has
+ also been a source of problems and vulnerabilities.
+ </li>
+ <li><em>Inconsistent coding style</em><br/>
+ There have been numerous developers working on the codebase
+ over many years. There are many different styles used within
+ the code, which is confusing and makes maintenance more
+ difficult than it should be. Even if strictly consistent,
+ the current code layout is unusual and idiosyncratic and
+ unlike any other open source software.
+ </li>
+ <li><em>Lack of code review</em><br/>
+ We don't have a code review system and we don't mandate code
+ reviews.
+ </li>
+ <li><em>No clear release plan</em><br/>
+ Historically OpenSSL has made new feature releases on
+ an infrequent basis and no forward plan of releases has
+ been published. It is difficult for users to plan for new
+ releases, and understand when new features might become
+ available, or when support will end for a release. In
+ addition a large number of stable releases are maintained
+ by the OpenSSL development team - diverting effort away
+ from the most up to date versions.
+ </li>
+ <li><em>No clear platform strategy</em><br/>
+ Historically OpenSSL has supported a very wide range of
+ platforms. Typically platform support has been added through
+ "ifdef" conditional compilation on a per platform
+ basis. This approach has led to a number of problems:
+ <ul>
+ <li>
+ The code has become very cluttered and is difficult to
+ effectively maintain</li>
+ <li>
+ There is support still in the code for a number of legacy
+ platforms which are unlikely to be widely deployed today -
+ if the code even still works on those platforms</li>
+ <li>
+ In practice the development team do not have access to many of
+ the platforms that the codebase supports and testing typically
+ takes place on a very limited set (usually Linux, FreeBSD and
+ Windows)</li>
+ </ul>
+ <del>
+ <li>
+ <em>No published security strategy</em><br/>
+ We do not have a well-known and published approach for how we
+ appropriately inform all interested parties of security
+ advisories.</li>
+ </del>
+ </ol>
+
+ <p></p>
+
+ <h3><a name="objectives">Objectives</a> <a href="#toc"><img src="/img/up.gif"/></a></h3>
+ <p>
+ Each of the issues identified above can be translated into
+ high level objectives. Some of these objectives can be
+ achieved more easily and quickly than others.</p>
+ <p>
+ <em>An important principle is that the priority and focus of
+ effort will be on achieving these objectives over and above
+ the delivery of new features.</em></p>
+
+ <h4>RT Backlog</h4>
+ <ol>
+ <li>
+ Manage all newly submitted RT tickets in a timely
+ manner such as an initial response within four working
+ days. (Timescale: Now)</li>
+ <li>
+ Reduce over time the existing RT backlog (Timescale:
+ Ongoing). This may include the mass closure of very old
+ tickets, such as those raised before the release of any
+ currently supported version.
+ <p><em>Update (8th September 2014)</em>:
+ we have made a great deal of progress on the backlog.
+ A <a href="ticket-activity.png">graph of ticket activity</a>
+ is available, as is the <a href="buglist.txt">raw data</a>
+ for every bug showing when it was open, and resolved. We
+ will update these files periodically.</p></li>
+ </ol>
+
+ <h4>Incomplete/incorrect documentation</h4>
+ <ol>
+ <li>
+ Provide complete documentation for all of the public
+ API (excluding deprecated APIs) (Timescale: Within one year).
+ </li>
+ <li>Some parts of the API have historically been public but were
+ not intended for public use, such as low level cipher and digest
+ APIs. These parts may not be documented, and if they are will be
+ marked as deprecated (Timescale: within nine months).</li>
+ <li>This may include introducing a new documentation system.</li>
+ </ol>
+
+ <h4>Library complexity</h4>
+ <ol>
+ <li>
+ Review and revise the public API with a view to reducing complexity
+ (Timescale: Within one year)</li>
+ <li>
+ Document a platform strategy: see below (Timescale: Within three
+ months)</li>
+ <li>
+ <del>Review and refactor the FIPS code to make it far less
+ intrusive (Timescale: Within one year)</del>
+ <br>Objective met (2015): The FIPS code has been removed from the
+ master branch, and will be re-integrated more cleanly during
+ a future validation.
+ </li>
+ <li>
+ <del>Review and refactor the memory management code.
+ (Timescale: Within six months)</del>
+ <br>Objective met (2015): All use of dynamic memory allocation has
+ been cleaned up and made consistent, and the internal memory
+ pool has been removed.
+ </li>
+ </ol>
+
+ <h4>Inconsistent coding style</h4>
+ <ol>
+ <li>
+ Define a clear coding standard for the project. This will cover not
+ only code layout but also items such as how to handle platform
+ dependencies, unit testing and optional code. (Timescale: Within
+ three months).</li>
+ <li>
+ <del>Format the entire codebase according to the agreed standard.
+ (Timescale: Within three months of coding standard being
+ defined).</del>
+ <br>Objective met (2015): All release branches were
+ reformatted using a script included in the release.
+ </li>
+ <li>
+ Refactor code to follow other parts of the style guide. (Timescale:
+ Within one year)</li>
+ </ol>
+
+ <h4>Code review</h4>
+ <ol>
+ <li>
+ <del>
+ Agree and implement a process such that all new commits
+ should first be reviewed by a team member conversant
+ with the relevant code and updated until the reviewer's
+ issues are addressed. This is contingent on recruiting
+ sufficient team members that reviewers are more-or-less
+ always available. (Timescale: Within three months)
+ </del>
+ <br>Objective met (16th July 2014): All changes are first reviewed by
+ another team member prior to being committed to the public openssl
+ repository.
+ </li>
+ <li>
+ <del>
+ Agree on a code review system. (Timescale: Within six months)
+ </del>
+ <br>Objective met (2015): We use
+ <a href="https://gitlab.com">GitLab</a>.
+ </li>
+ </ol>
+
+ <h4>Audit</h4>
+ <p>
+ Externally audit the current code base. (Timescale: Dependent on
+ external body)</p>
+ <p>Update (14th October 2014):
+ Auditors selected and funded; schedule being worked on.</p>
+
+ <h4>Static/Dynamic Analysis</h4>
+ <p>
+ Regularly audit the code using appropriate analysis tools.
+ (Timescale: Within six months)
+ </p>
+
+ <h4>Release Strategy</h4>
+ <del>
+ <p>
+ We intend to develop a release strategy which will set out our plans
+ for how frequently we plan to release, and when. It will also cover
+ how long releases will be supported for, and when their EOL (End Of
+ Life) will be. (Timescale: Within three months)</p>
+ <p>
+ There are a number of objectives that we would be seeking to address
+ within the release strategy. Some of these objectives compete with
+ each other, and so from necessity there will have to be compromises.
+ The objectives are:
+ <ol>
+ <li>
+ We need security fix releases with very low chance of breaking
+ anything. This is largely met by prohibiting new features in stable
+ branches (i.e. letter releases).</li>
+ <li>
+ If something is broken in a release a fixed version should be made
+ available shortly afterwards (i.e. more letter releases more
+ often)</li>
+ <li>
+ We need a way to get new binary compatible features into OpenSSL
+ relatively quickly.</li>
+ <li>
+ We don't want to have to maintain too many branches. This is likely
+ to include a timescale for the EOL of version 0.9.8</li>
+ <li>
+ We need a way to refactor code and make necessary binary
+ incompatible changes, deprecating APIs etc.</li>
+ </ol>
+ </del>
+ Objective met (2015): We have announced a
+ <a href="releasestrat.html">release strategy</a>
+ which includes end-of-life and long-term support definitions.
+ Also, our
+ <a href="secpolicy.html">security policy</a> has relevant
+ information.
+ </p>
+
+ <h4>Platform Strategy</h4>
+ <p>
+ Moving forward OpenSSL will adopt the following policy:</p>
+ <ul>
+ <li>
+ There will be a defined set of primary platforms. The primary
+ platforms will be Linux and FreeBSD. A primary platform is one where
+ most development occurs.</li>
+ <li>
+ In addition there will be a list of secondary platforms which are
+ supported by the development team.</li>
+ <li>
+ Platform specific code will be moved out of the main codebase
+ (removing overuse of "ifdef").</li>
+ <li>
+ Legacy platforms that are unlikely to have wide deployment will be
+ removed from the code.</li>
+ <li>
+ Non-supported platforms requiring regular maintenance activities
+ will eventually be removed from the code after first seeking
+ community owners to support the platforms in platform specific
+ repositories.</li>
+ </ul>
+ <p>
+ Necessary criteria for a platform to be included in the secondary
+ platform list includes:</p>
+ <ul>
+ <li>
+ Currency, i.e. a platform is widely deployed and in current use</li>
+ <li>
+ Vendor support</li>
+ <li>
+ Available to the dev team, i.e. the dev team have access to a
+ suitable environment in which to test builds and deal with tickets
+ and issues</li>
+ <li>
+ Dev team ownership, i.e. at least one person on the team is willing
+ to take some responsibility for a platform.</li>
+ </ul>
+ <p>
+ In addition the secondary list will be as small as possible so as not
+ to spread the development team too thinly.</p>
+ <p>
+ The secondary platforms are still to be defined but will be based on
+ the above criteria. For each primary/secondary platform, we should
+ have, at least, a continuous integration box and a dev machine we can
+ access for test/debug. We will seek support from the platform vendors
+ or the community to provide access to these platforms. The secondary
+ platform list will change over time, but an initial list will be
+ produced within three months.</p>
+ <p>
+ The Platform Strategy will be phased in over a period of time based
+ on how quickly we can refactor the code.</p>
+
+ <h4>Security Strategy</h4>
+ <p>
+ <del>
+ We will be documenting a security strategy which will define our
+ policy on how we make security fixes, and what (if any)
+ pre-notification of forthcoming security releases will be provided
+ (and to whom) (Timescale: Within two months)
+ </del>
+ <br>Objective met (7th September 2014): The OpenSSL security policy
+ is available <a href="secpolicy.html">here</a>.
+ </p>
+
+ <h3><a name="forthcoming">Forthcoming Features</a> <a href="#toc"><img src="/img/up.gif"/></a></h3>
+ <p>The primary focus of effort will be on achieving the
+ objectives detailed above, however we are evaluating the following
+ new features.</p>
+
+ <ul>
+ <li>IPv6 support</li>
+ <li>AEAD updates (API review, Poly/ChaCha support, /dev/crypto
+ operations coalescing)</li>
+ <li>TLS 1.3.</li>
+ <li>Certificate Transparency support</li>
+ <li>Support for new ciphersuites e.g., CCM</li>
+ <li>Extended SSL_CONF support</li>
+ <li>DANE support</li>
+ <li>Security levels (currently experimental in master)</li>
+ <li>OCB</li>
+ <li>FIPS code review and refactor</li>
+ <li>Support for emerging platforms, e.g. ARMv8, POWER8</li>
+ <li>Built-in multi-threaded support for two major threading
+ "flavours," POSIX threads and Win32</li>
+ </ul>
+ <p></p>
+
+ <h3><a name="update">Roadmap Update History</a> <a href="#toc"><img src="/img/up.gif"/></a></h3>
+ <p>
+ The following changes have been made since the roadmap was first
+ issued 30-June-2014.
+ </p>
+ <ul>
+ <li>8-August-2015.
+ Many updates, for what happened in 2015.</li>
+ <li>14-October-2014.
+ Updated audit; added TLS 1.3 and Certificate
+ Transparency to features.</li>
+ <li>8-September-2014.
+ Updated status on the RT backlog objective.</li>
+ <li>7-September-2014.
+ Updated security policy section.</li>
+ <li>16-July-2014.
+ Updated code review section.</li>
+ <li>1-July-2014.
+ Noted RT is our bug tracking system.</li>
+ </ul>
+ </div>
+ <footer>
+ You are here: <a href="/">Home</a>
+ : <a href="/policies"> Policies</a>
+ : <a href="">Roadmap</a>.
+ <br><a href="/sitemap.txt">Sitemap</a>
+ </footer>
+ </article>
+ </div>
+ <!--#include virtual="sidebar.shtml" -->
+ </div>
+</div>
+
+<!--#include virtual="/inc/footer.shtml" -->
+</body>
+
+</html>
+
More information about the openssl-commits
mailing list