Vote proposal: Technical items still to be done
matt at openssl.org
Thu Oct 8 14:44:11 UTC 2020
Thanks for the feedback on this thread.
There was some feedback specifically on the vote text. I've made the
amendment suggested by Tomas, and numbered the items as suggested by
Nicola. I did not convert to markdown.
The other discussions on this thread I think are useful things to think
about when considering how to vote - but I don't think change the vote
text itself - so I've not made any changes in response to those things.
I'll shortly start this vote.
On 07/10/2020 12:35, Matt Caswell wrote:
> I had an action from the OTC meeting today to raise a vote on the OTC
> list of technical items still to be done. Here is my proposed vote text.
> There will be a subsequent vote on the "beta readiness checklist" which
> is a separate list.
> Feedback please on the proposed vote text below.
> The following items are required prerequisites for the first beta release:
> * EVP is the recommended API, it must be feature-complete compared with
> the functionality available using lower-level APIs.
> - Anything that isn’t available must be put to an OTC vote to exclude.
> - The apps are the minimum bar for this, subject to exceptions noted
> * Deprecation List Proposal: DH_, DSA_, ECDH_, ECDSA_, EC_KEY_, RSA_,
> - Does not include macros defining useful constants (e.g.
> - Excluded from Deprecation: `EC_`, `DSA_SIG_`, `ECDSA_SIG_`.
> - There might be some others.
> - Review for exceptions.
> - The apps are the minimum bar to measure feature completeness for the
> EVP interface: rewrite them so they do not use internal nor deprecated
> functions (except speed, engine, list, passwd -crypt and the code to
> handle the -engine CLI option). That is, remove the suppression of
> deprecated define.
> - Proposal: drop passwd -crypt (OMC vote required)
> - Compile and link 1.1.1 command line app against the master headers
> and library. Run 1.1.1 app test cases against the chimera. Treat this
> as an external test using a special 1.1.1 branch.
> Deprecated functions used by libssl should be moved to independent
> file(s), to limit the suppression of deprecated defines to the absolute
> minimum scope.
> * Draft documentation (contents but not pretty)
> - Need a list of things we know are not present - including things we
> have removed.
> - We need to have mapping tables for various d2i/i2d functions.
> - We need to have a mapping table from “old names” for things into the
> OSSL_PARAMS names.
> - Documentation addition to old APIs to refer to new ones (man7).
> - Documentation needs to reference name mapping.
> - All the legacy interfaces need to have their documentation
> pointing to the replacement interfaces.
> * Review (and maybe clean up) legacy bridge code.
> * Review TODO(3.0) items #12224.
> * Source checksum script.
> * Review of functions previously named _with_libctx.
> * Encoder fixers (PKCS#8, PKCS#1, etc).
> * Encoder DER to PEM refactor.
> * Builds and passes tests on all primary, secondary and FIPS platforms.
> * Query provider parameters (name, version, …) from the command line.
> * Setup buildbot infrastructure and associated instructions.
> * Complete make fipsinstall.
> * More specific decoding selection (e.g. params or keys).
> * Example code covering replacements for deprecated APIs.
> * Drop C code output options from the apps (OMC approval required).
> * Address 3.0beta1 milestones.
More information about the openssl-project