VOTE: Technical Items still to be done

SHANE LONTIS shane.lontis at oracle.com
Thu Oct 8 22:21:29 UTC 2020


+1



> On 9 Oct 2020, at 12:47 am, Matt Caswell <matt at openssl.org> wrote:
> 
> topic: The following items are required prerequisites for the first beta
> release:
> 1) EVP is the recommended API, it must be feature-complete compared with
>    the functionality available using lower-level APIs.
>   - Anything that isn’t available must be put to an OTC vote to exclude.
>   - The apps are the minimum bar for this, subject to exceptions noted
> below.
> 2) Deprecation List Proposal: DH_, DSA_, ECDH_, ECDSA_, EC_KEY_, RSA_,
>    RAND_METHOD_.
>   - Does not include macros defining useful constants (e.g.
>     SHA512_DIGEST_LENGTH).
>   - Excluded from Deprecation: `EC_`, `DSA_SIG_`, `ECDSA_SIG_`.
>   - There might be some others.
>   - Review for exceptions.
>   - The apps are the minimum bar to measure feature completeness for
> the EVP
>     interface: rewrite them so they do not use internal nor deprecated
>     functions (except speed, engine, list, passwd -crypt and the code
> to handle
>     the -engine CLI option).  That is, remove the suppression of deprecated
>     define.
>     - Proposal: drop passwd -crypt (OMC vote required)
>   - Compile and link 1.1.1 command line app against the master headers and
>     library.  Run 1.1.1 app test cases against the chimera.  Treat this
> as an
>     external test using a special 1.1.1 branch. Deprecated functions
> used by
>     libssl should be moved to independent file(s), to limit the
> suppression of
>     deprecated defines to the absolute minimum scope.
> 3) Draft documentation (contents but not pretty)
>   - Need a list of things we know are not present - including things we
> have
>     removed.
>   - We need to have mapping tables for various d2i/i2d functions.
>   - We need to have a mapping table from “old names” for things into the
>     OSSL_PARAMS names.
>     - Documentation addition to old APIs to refer to new ones (man7).
>     - Documentation needs to reference name mapping.
>     - All the legacy interfaces need to have their documentation
> pointing to
>       the replacement interfaces.
> 4) Review (and maybe clean up) legacy bridge code.
> 5) Review TODO(3.0) items #12224.
> 6) Source checksum script.
> 7) Review of functions previously named _with_libctx.
> 8) Encoder fixes (PKCS#8, PKCS#1, etc).
> 9) Encoder DER to PEM refactor.
> 10) Builds and passes tests on all primary, secondary and FIPS platforms.
> 11) Query provider parameters (name, version, ...) from the command line.
> 12) Setup buildbot infrastructure and associated instructions.
> 13) Complete make fipsinstall.
> 14) More specific decoding selection (e.g. params or keys).
> 15) Example code covering replacements for deprecated APIs.
> 16) Drop C code output options from the apps (OMC approval required).
> 17) Address issues and PRs in the 3.0beta1 milestone.
> Proposed by .
> Public: yes
> opened: 2020-10-08
> closed: 2020-mm-dd
> accepted:  yes/no  (for: X, against: Y, abstained: Z, not voted: T)
> 
>  Matt       [+1]
>  Mark       [  ]
>  Pauli      [  ]
>  Viktor     [  ]
>  Tim        [  ]
>  Richard    [  ]
>  Shane      [  ]
>  Tomas      [  ]
>  Kurt       [  ]
>  Matthias   [  ]
>  Nicola     [  ]

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-project/attachments/20201009/2423ccfb/attachment-0001.html>


More information about the openssl-project mailing list