Vote proposal: Technical items still to be done

Nicola Tuveri nic.tuv at gmail.com
Wed Oct 7 14:23:25 UTC 2020


I support the edit proposed by Tomas.

First comment that I have is that I'd prefer the first-level items to
be actually numbered, as done in the drafts: we might put a disclaimer
that the numbers are not indicative of priority and just meant to be
used to address (equally important) tasks by index.

The second comment is just a quirk of mine: I prefer plain text emails
and Markdown formatting. If others shared the feeling (and nobody
objected to Markdown for our records) I'd volunteer to reformat the
draft of this vote text using Markdown syntax.

Nicola

On Wed, 7 Oct 2020 at 14:58, Tomas Mraz <tmraz at redhat.com> wrote:
>
> On Wed, 2020-10-07 at 12:35 +0100, Matt Caswell wrote:
> > I had an action from the OTC meeting today to raise a vote on the OTC
> > list of technical items still to be done. Here is my proposed vote
> > text.
> > There will be a subsequent vote on the "beta readiness checklist"
> > which
> > is a separate list.
> >
> > Feedback please on the proposed vote text below.
> >
> > The following items are required prerequisites for the first beta
> > release:
> > * EVP is the recommended API, it must be feature-complete compared
> > with
> > the functionality available using lower-level APIs.
> >   - Anything that isn’t available must be put to an OTC vote to
> > exclude.
> >   - The apps are the minimum bar for this, subject to exceptions
> > noted
> > below.
> > * Deprecation List Proposal: DH_, DSA_, ECDH_, ECDSA_, EC_KEY_, RSA_,
> > RAND_METHOD_.
> >   - Does not include macros defining useful constants (e.g.
> > SHA512_DIGEST_LENGTH).
> >   - Excluded from Deprecation: `EC_`, `DSA_SIG_`, `ECDSA_SIG_`.
> >   - There might be some others.
> >   - Review for exceptions.
> >   - The apps are the minimum bar to measure feature completeness for
> > the
> > EVP interface: rewrite them so they do not use internal nor
> > deprecated
> > functions (except speed, engine, list, passwd -crypt and the code to
> > handle the -engine CLI option).  That is, remove the suppression of
> > deprecated define.
> >     - Proposal: drop passwd -crypt (OMC vote required)
> >   - Compile and link 1.1.1 command line app against the master
> > headers
> > and library.  Run 1.1.1 app test cases against the chimera.  Treat
> > this
> > as an external test using a special 1.1.1 branch.
> > Deprecated functions used by libssl should be moved to independent
> > file(s), to limit the suppression of deprecated defines to the
> > absolute
> > minimum scope.
> > * Draft documentation (contents but not pretty)
> >   - Need a list of things we know are not present - including things
> > we
> > have removed.
> >   - We need to have mapping tables for various d2i/i2d functions.
> >   - We need to have a mapping table from “old names” for things into
> > the
> > OSSL_PARAMS names.
> >     - Documentation addition to old APIs to refer to new ones (man7).
> >     - Documentation needs to reference name mapping.
> >     - All the legacy interfaces need to have their documentation
> > pointing to the replacement interfaces.
> > * Review (and maybe clean up) legacy bridge code.
> > * Review TODO(3.0) items #12224.
> > * Source checksum script.
> > * Review of functions previously named _with_libctx.
> > * Encoder fixers (PKCS#8, PKCS#1, etc).
> > * Encoder DER to PEM refactor.
> > * Builds and passes tests on all primary, secondary and FIPS
> > platforms.
> > * Query provider parameters (name, version, …) from the command line.
> > * Setup buildbot infrastructure and associated instructions.
> > * Complete make fipsinstall.
> > * More specific decoding selection (e.g. params or keys).
> > * Example code covering replacements for deprecated APIs.
> > * Drop C code output options from the apps (OMC approval required).
> > * Address 3.0beta1 milestones.
>
> Address issues and PRs in the 3.0beta1 milestone.
>
> --
> Tomáš Mráz
> No matter how far down the wrong road you've gone, turn back.
>                                               Turkish proverb
> [You'll know whether the road is wrong if you carefully listen to your
> conscience.]
>
>


More information about the openssl-project mailing list