Vote proposal: Technical items still to be done

Tomas Mraz tmraz at redhat.com
Wed Oct 7 11:58:15 UTC 2020


On Wed, 2020-10-07 at 12:35 +0100, Matt Caswell wrote:
> I had an action from the OTC meeting today to raise a vote on the OTC
> list of technical items still to be done. Here is my proposed vote
> text.
> There will be a subsequent vote on the "beta readiness checklist" which
> is a separate list.
> 
> Feedback please on the proposed vote text below.
> 
> The following items are required prerequisites for the first beta
> release:
> * EVP is the recommended API, it must be feature-complete compared with
> the functionality available using lower-level APIs.
>   - Anything that isn’t available must be put to an OTC vote to exclude.
>   - The apps are the minimum bar for this, subject to exceptions noted
> below.
> * Deprecation List Proposal: DH_, DSA_, ECDH_, ECDSA_, EC_KEY_, RSA_,
> RAND_METHOD_.
>   - Does not include macros defining useful constants (e.g.
> SHA512_DIGEST_LENGTH).
>   - Excluded from Deprecation: `EC_`, `DSA_SIG_`, `ECDSA_SIG_`.
>   - There might be some others.
>   - Review for exceptions.
>   - The apps are the minimum bar to measure feature completeness for the
> EVP interface: rewrite them so they do not use internal nor deprecated
> functions (except speed, engine, list, passwd -crypt and the code to
> handle the -engine CLI option).  That is, remove the suppression of
> deprecated define.
>     - Proposal: drop passwd -crypt (OMC vote required)
>   - Compile and link 1.1.1 command line app against the master headers
> and library.  Run 1.1.1 app test cases against the chimera.  Treat this
> as an external test using a special 1.1.1 branch.
> Deprecated functions used by libssl should be moved to independent
> file(s), to limit the suppression of deprecated defines to the absolute
> minimum scope.
> * Draft documentation (contents but not pretty)
>   - Need a list of things we know are not present - including things we
> have removed.
>   - We need to have mapping tables for various d2i/i2d functions.
>   - We need to have a mapping table from “old names” for things into the
> OSSL_PARAMS names.
>     - Documentation addition to old APIs to refer to new ones (man7).
>     - Documentation needs to reference name mapping.
>     - All the legacy interfaces need to have their documentation
> pointing to the replacement interfaces.
> * Review (and maybe clean up) legacy bridge code.
> * Review TODO(3.0) items #12224.
> * Source checksum script.
> * Review of functions previously named _with_libctx.
> * Encoder fixers (PKCS#8, PKCS#1, etc).
> * Encoder DER to PEM refactor.
> * Builds and passes tests on all primary, secondary and FIPS platforms.
> * Query provider parameters (name, version, …) from the command line.
> * Setup buildbot infrastructure and associated instructions.
> * Complete make fipsinstall.
> * More specific decoding selection (e.g. params or keys).
> * Example code covering replacements for deprecated APIs.
> * Drop C code output options from the apps (OMC approval required).
> * Address 3.0beta1 milestones.

Address issues and PRs in the 3.0beta1 milestone.

-- 
Tomáš Mráz
No matter how far down the wrong road you've gone, turn back.
                                              Turkish proverb
[You'll know whether the road is wrong if you carefully listen to your
conscience.]



