The hold on PR 12089
Salz, Rich
rsalz at akamai.com
Tue Jun 9 23:40:46 UTC 2020
What is the timetable for resolving https://github.com/openssl/openssl/pull/12089 ?
The Beta is planned for a July 16 release. There is a massive RAND/DRBG PR (https://github.com/openssl/openssl/pull/11682, the provider-friendly random) that is in the pipeline, and 12089 and 11682 will undoubtedly cause merge issues whichever gets merged first. That means extra time will be needed to reconcile. An OMC vote, once started, can be resolved in as quickly as 24 hours, but often take one or two weeks if most people abstain.
Being conservative, then, the OMC needs to discuss and vote, before the end of this month.
An additional complication is around the question of who votes: the OMC or the OTC. It is hard to justify this as requiring OMC action, unless the project is committing to avoiding such language in the future as a policy. But if the project wants to decide that, it can do so. Regardless of the policy, PR 12089 could be seen as purely an OTC issue, and OMC involvement is over-reach – what in https://www.openssl.org/policies/omc-bylaws.html justifies OMC involvement?. Nothing changes but some names; is the naming of things within OMC perview? I would love to know what OTC members think.
So, what is the timetable, and what is the plan?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-project/attachments/20200609/30b8789e/attachment-0001.html>
More information about the openssl-project
mailing list