VOTE: Technical Items still to be done
shane.lontis at oracle.com
Thu Oct 8 22:21:29 UTC 2020
> On 9 Oct 2020, at 12:47 am, Matt Caswell <matt at openssl.org> wrote:
> topic: The following items are required prerequisites for the first beta
> 1) EVP is the recommended API, it must be feature-complete compared with
> the functionality available using lower-level APIs.
> - Anything that isn’t available must be put to an OTC vote to exclude.
> - The apps are the minimum bar for this, subject to exceptions noted
> 2) Deprecation List Proposal: DH_, DSA_, ECDH_, ECDSA_, EC_KEY_, RSA_,
> - Does not include macros defining useful constants (e.g.
> - Excluded from Deprecation: `EC_`, `DSA_SIG_`, `ECDSA_SIG_`.
> - There might be some others.
> - Review for exceptions.
> - The apps are the minimum bar to measure feature completeness for
> the EVP
> interface: rewrite them so they do not use internal nor deprecated
> functions (except speed, engine, list, passwd -crypt and the code
> to handle
> the -engine CLI option). That is, remove the suppression of deprecated
> - Proposal: drop passwd -crypt (OMC vote required)
> - Compile and link 1.1.1 command line app against the master headers and
> library. Run 1.1.1 app test cases against the chimera. Treat this
> as an
> external test using a special 1.1.1 branch. Deprecated functions
> used by
> libssl should be moved to independent file(s), to limit the
> suppression of
> deprecated defines to the absolute minimum scope.
> 3) Draft documentation (contents but not pretty)
> - Need a list of things we know are not present - including things we
> - We need to have mapping tables for various d2i/i2d functions.
> - We need to have a mapping table from “old names” for things into the
> OSSL_PARAMS names.
> - Documentation addition to old APIs to refer to new ones (man7).
> - Documentation needs to reference name mapping.
> - All the legacy interfaces need to have their documentation
> pointing to
> the replacement interfaces.
> 4) Review (and maybe clean up) legacy bridge code.
> 5) Review TODO(3.0) items #12224.
> 6) Source checksum script.
> 7) Review of functions previously named _with_libctx.
> 8) Encoder fixes (PKCS#8, PKCS#1, etc).
> 9) Encoder DER to PEM refactor.
> 10) Builds and passes tests on all primary, secondary and FIPS platforms.
> 11) Query provider parameters (name, version, ...) from the command line.
> 12) Setup buildbot infrastructure and associated instructions.
> 13) Complete make fipsinstall.
> 14) More specific decoding selection (e.g. params or keys).
> 15) Example code covering replacements for deprecated APIs.
> 16) Drop C code output options from the apps (OMC approval required).
> 17) Address issues and PRs in the 3.0beta1 milestone.
> Proposed by .
> Public: yes
> opened: 2020-10-08
> closed: 2020-mm-dd
> accepted: yes/no (for: X, against: Y, abstained: Z, not voted: T)
> Matt [+1]
> Mark [ ]
> Pauli [ ]
> Viktor [ ]
> Tim [ ]
> Richard [ ]
> Shane [ ]
> Tomas [ ]
> Kurt [ ]
> Matthias [ ]
> Nicola [ ]
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the openssl-project