<div dir="ltr">+1<br><div><br></div><div>Tim.</div><div><br></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Fri, Oct 9, 2020 at 12:47 AM Matt Caswell <<a href="mailto:matt@openssl.org">matt@openssl.org</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">topic: The following items are required prerequisites for the first beta<br>
release:<br>
1) EVP is the recommended API, it must be feature-complete compared with<br>
the functionality available using lower-level APIs.<br>
- Anything that isn’t available must be put to an OTC vote to exclude.<br>
- The apps are the minimum bar for this, subject to exceptions noted<br>
below.<br>
2) Deprecation List Proposal: DH_, DSA_, ECDH_, ECDSA_, EC_KEY_, RSA_,<br>
RAND_METHOD_.<br>
- Does not include macros defining useful constants (e.g.<br>
SHA512_DIGEST_LENGTH).<br>
- Excluded from Deprecation: `EC_`, `DSA_SIG_`, `ECDSA_SIG_`.<br>
- There might be some others.<br>
- Review for exceptions.<br>
- The apps are the minimum bar to measure feature completeness for<br>
the EVP<br>
interface: rewrite them so they do not use internal nor deprecated<br>
functions (except speed, engine, list, passwd -crypt and the code<br>
to handle<br>
the -engine CLI option). That is, remove the suppression of deprecated<br>
define.<br>
- Proposal: drop passwd -crypt (OMC vote required)<br>
- Compile and link 1.1.1 command line app against the master headers and<br>
library. Run 1.1.1 app test cases against the chimera. Treat this<br>
as an<br>
external test using a special 1.1.1 branch. Deprecated functions<br>
used by<br>
libssl should be moved to independent file(s), to limit the<br>
suppression of<br>
deprecated defines to the absolute minimum scope.<br>
3) Draft documentation (contents but not pretty)<br>
- Need a list of things we know are not present - including things we<br>
have<br>
removed.<br>
- We need to have mapping tables for various d2i/i2d functions.<br>
- We need to have a mapping table from “old names” for things into the<br>
OSSL_PARAMS names.<br>
- Documentation addition to old APIs to refer to new ones (man7).<br>
- Documentation needs to reference name mapping.<br>
- All the legacy interfaces need to have their documentation<br>
pointing to<br>
the replacement interfaces.<br>
4) Review (and maybe clean up) legacy bridge code.<br>
5) Review TODO(3.0) items #12224.<br>
6) Source checksum script.<br>
7) Review of functions previously named _with_libctx.<br>
8) Encoder fixes (PKCS#8, PKCS#1, etc).<br>
9) Encoder DER to PEM refactor.<br>
10) Builds and passes tests on all primary, secondary and FIPS platforms.<br>
11) Query provider parameters (name, version, ...) from the command line.<br>
12) Setup buildbot infrastructure and associated instructions.<br>
13) Complete make fipsinstall.<br>
14) More specific decoding selection (e.g. params or keys).<br>
15) Example code covering replacements for deprecated APIs.<br>
16) Drop C code output options from the apps (OMC approval required).<br>
17) Address issues and PRs in the 3.0beta1 milestone.<br>
Proposed by .<br>
Public: yes<br>
opened: 2020-10-08<br>
closed: 2020-mm-dd<br>
accepted: yes/no (for: X, against: Y, abstained: Z, not voted: T)<br>
<br>
Matt [+1]<br>
Mark [ ]<br>
Pauli [ ]<br>
Viktor [ ]<br>
Tim [ ]<br>
Richard [ ]<br>
Shane [ ]<br>
Tomas [ ]<br>
Kurt [ ]<br>
Matthias [ ]<br>
Nicola [ ]<br>
</blockquote></div>