[openssl-project] Some TLS 1.3 drafts don't have branches

Matt Caswell matt at openssl.org
Thu Apr 12 09:51:49 UTC 2018



On 12/04/18 02:42, Salz, Rich wrote:
> ; g branch -r -v -a | grep -i draft
> 
>   remotes/origin/tls1.3-draft-18             669c623 Update PR#3925
> 
>   remotes/origin/tls1.3-draft-19             d4d9864 Update PR#3925
> 
> ;
> 
>  
> 
> I recently had someone need draft-21 and they did
> 
>  
> 
> git checkout 515982154031b679f58d5e2cbd7752294779221e

That's the last commit of the PR that introduced draft-21 support. A
better commit would be f90852093f which is the last commit before
draft-22 support was added.

I think tags are more appropriate than branches. We created a branch for
draft-18 because at the time all the browsers were stuck on that draft
version with no sign that they might move for a while so we thought we
might end up backporting fixes to the draft-18 branch (which I think we
did do in a few cases). Now though I think it's unlikely we would
backport fixes to older draft releases.

I'd suggest these tags for the various draft versions:

tls1.3-draft-20 9561e2a169
tls1.3-draft-21 f90852093f
tls1.3-draft-22 eee8a40aa5
tls1.3-draft-23 95ea8da176

The current version number declared in supported_versions at the head of
master is draft-26 (we skipped support for draft-24 and draft-25). This
seems to be the one everyone else is still using. The current document
is at draft-28 but there have been no incompatible changes (other than
the draft version number itself).

If someone gives me a +1 I'll create the above.

Matt



More information about the openssl-project mailing list