[STATUS] OpenSSL (Sun 8-Dec-2002)
-00.txt as well as http://www-cs-students.stanford.edu/~tjw/srp/. Tom Holroyd tells us there is a SRP patch for OpenSSH at http://members.tripod.com/professor_tom/archives/, that could be useful. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[STATUS] OpenSSL (Sun 1-Dec-2002)
. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[STATUS] OpenSSL (Sun 24-Nov-2002)
. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[STATUS] OpenSSL (Sun 17-Nov-2002)
OpenSSL STATUS Last modified at __ $Date: 2002/08/14 11:07:29 $ DEVELOPMENT STATE o OpenSSL 0.9.8: Under development... o OpenSSL 0.9.7-beta3: Released on July 30th, 2002 o OpenSSL 0.9.7-beta2: Released on June 16th, 2002 o OpenSSL 0.9.7-beta1: Released on June 1st, 2002 o OpenSSL 0.9.6g: Released on August 9th, 2002 o OpenSSL 0.9.6f: Released on August 8th, 2002 o OpenSSL 0.9.6e: Released on July 30th, 2002 o OpenSSL 0.9.6d: Released on May9th, 2002 o OpenSSL 0.9.6c: Released on December 21st, 2001 o OpenSSL 0.9.6b: Released on July 9th, 2001 o OpenSSL 0.9.6a: Released on April 5th, 2001 o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 [See also http://www.openssl.org/support/rt2.html] RELEASE SHOWSTOPPERS o BN_mod_mul verification fails for mips3-sgi-irix unless configured with no-asm AVAILABLE PATCHES o IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. OCSP EVP cipher enhancement. Enhanced certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UI (User Interface) UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. Kerberos 5 authentication Constification OCSP NEEDS PATCH o 0.9.8-dev: COMPLEMENTOFALL and COMPLEMENTOFDEFAULT do not handle ECCdraft cipher suites correctly. o apps/ca.c: Sign the certificate? - n creates empty certificate file o OpenSSL STATUS is never up-to-date. OPEN ISSUES o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) WISHES o Add variants of DH_generate_parameters() and BN_generate_prime() [etc?] where the callback function can request that the function be aborted. [Gregory Stark [EMAIL PROTECTED], [EMAIL PROTECTED]] o SRP in TLS. [wished by: Dj [EMAIL PROTECTED], Tom Wu [EMAIL PROTECTED], Tom Holroyd [EMAIL PROTECTED]] See http://search.ietf.org/internet-drafts/draft-ietf-tls-srp-00.txt as well as http://www-cs-students.stanford.edu/~tjw/srp/. Tom Holroyd tells us there is a SRP patch for OpenSSH at http://members.tripod.com/professor_tom/archives/, that could be useful. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[STATUS] OpenSSL (Sun 10-Nov-2002)
OpenSSL STATUS Last modified at __ $Date: 2002/08/14 11:07:29 $ DEVELOPMENT STATE o OpenSSL 0.9.8: Under development... o OpenSSL 0.9.7-beta3: Released on July 30th, 2002 o OpenSSL 0.9.7-beta2: Released on June 16th, 2002 o OpenSSL 0.9.7-beta1: Released on June 1st, 2002 o OpenSSL 0.9.6g: Released on August 9th, 2002 o OpenSSL 0.9.6f: Released on August 8th, 2002 o OpenSSL 0.9.6e: Released on July 30th, 2002 o OpenSSL 0.9.6d: Released on May9th, 2002 o OpenSSL 0.9.6c: Released on December 21st, 2001 o OpenSSL 0.9.6b: Released on July 9th, 2001 o OpenSSL 0.9.6a: Released on April 5th, 2001 o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 [See also http://www.openssl.org/support/rt2.html] RELEASE SHOWSTOPPERS o BN_mod_mul verification fails for mips3-sgi-irix unless configured with no-asm AVAILABLE PATCHES o IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. OCSP EVP cipher enhancement. Enhanced certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UI (User Interface) UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. Kerberos 5 authentication Constification OCSP NEEDS PATCH o 0.9.8-dev: COMPLEMENTOFALL and COMPLEMENTOFDEFAULT do not handle ECCdraft cipher suites correctly. o apps/ca.c: Sign the certificate? - n creates empty certificate file o OpenSSL STATUS is never up-to-date. OPEN ISSUES o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) WISHES o Add variants of DH_generate_parameters() and BN_generate_prime() [etc?] where the callback function can request that the function be aborted. [Gregory Stark [EMAIL PROTECTED], [EMAIL PROTECTED]] o SRP in TLS. [wished by: Dj [EMAIL PROTECTED], Tom Wu [EMAIL PROTECTED], Tom Holroyd [EMAIL PROTECTED]] See http://search.ietf.org/internet-drafts/draft-ietf-tls-srp-00.txt as well as http://www-cs-students.stanford.edu/~tjw/srp/. Tom Holroyd tells us there is a SRP patch for OpenSSH at http://members.tripod.com/professor_tom/archives/, that could be useful. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[STATUS] OpenSSL (Sun 3-Nov-2002)
OpenSSL STATUS Last modified at __ $Date: 2002/08/14 11:07:29 $ DEVELOPMENT STATE o OpenSSL 0.9.8: Under development... o OpenSSL 0.9.7-beta3: Released on July 30th, 2002 o OpenSSL 0.9.7-beta2: Released on June 16th, 2002 o OpenSSL 0.9.7-beta1: Released on June 1st, 2002 o OpenSSL 0.9.6g: Released on August 9th, 2002 o OpenSSL 0.9.6f: Released on August 8th, 2002 o OpenSSL 0.9.6e: Released on July 30th, 2002 o OpenSSL 0.9.6d: Released on May9th, 2002 o OpenSSL 0.9.6c: Released on December 21st, 2001 o OpenSSL 0.9.6b: Released on July 9th, 2001 o OpenSSL 0.9.6a: Released on April 5th, 2001 o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 [See also http://www.openssl.org/support/rt2.html] RELEASE SHOWSTOPPERS o BN_mod_mul verification fails for mips3-sgi-irix unless configured with no-asm AVAILABLE PATCHES o IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. OCSP EVP cipher enhancement. Enhanced certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UI (User Interface) UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. Kerberos 5 authentication Constification OCSP NEEDS PATCH o 0.9.8-dev: COMPLEMENTOFALL and COMPLEMENTOFDEFAULT do not handle ECCdraft cipher suites correctly. o apps/ca.c: Sign the certificate? - n creates empty certificate file o OpenSSL STATUS is never up-to-date. OPEN ISSUES o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) WISHES o Add variants of DH_generate_parameters() and BN_generate_prime() [etc?] where the callback function can request that the function be aborted. [Gregory Stark [EMAIL PROTECTED], [EMAIL PROTECTED]] o SRP in TLS. [wished by: Dj [EMAIL PROTECTED], Tom Wu [EMAIL PROTECTED], Tom Holroyd [EMAIL PROTECTED]] See http://search.ietf.org/internet-drafts/draft-ietf-tls-srp-00.txt as well as http://www-cs-students.stanford.edu/~tjw/srp/. Tom Holroyd tells us there is a SRP patch for OpenSSH at http://members.tripod.com/professor_tom/archives/, that could be useful. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[STATUS] OpenSSL (Sun 27-Oct-2002)
OpenSSL STATUS Last modified at __ $Date: 2002/08/14 11:07:29 $ DEVELOPMENT STATE o OpenSSL 0.9.8: Under development... o OpenSSL 0.9.7-beta3: Released on July 30th, 2002 o OpenSSL 0.9.7-beta2: Released on June 16th, 2002 o OpenSSL 0.9.7-beta1: Released on June 1st, 2002 o OpenSSL 0.9.6g: Released on August 9th, 2002 o OpenSSL 0.9.6f: Released on August 8th, 2002 o OpenSSL 0.9.6e: Released on July 30th, 2002 o OpenSSL 0.9.6d: Released on May9th, 2002 o OpenSSL 0.9.6c: Released on December 21st, 2001 o OpenSSL 0.9.6b: Released on July 9th, 2001 o OpenSSL 0.9.6a: Released on April 5th, 2001 o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 [See also http://www.openssl.org/support/rt2.html] RELEASE SHOWSTOPPERS o BN_mod_mul verification fails for mips3-sgi-irix unless configured with no-asm AVAILABLE PATCHES o IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. OCSP EVP cipher enhancement. Enhanced certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UI (User Interface) UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. Kerberos 5 authentication Constification OCSP NEEDS PATCH o 0.9.8-dev: COMPLEMENTOFALL and COMPLEMENTOFDEFAULT do not handle ECCdraft cipher suites correctly. o apps/ca.c: Sign the certificate? - n creates empty certificate file o OpenSSL STATUS is never up-to-date. OPEN ISSUES o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) WISHES o Add variants of DH_generate_parameters() and BN_generate_prime() [etc?] where the callback function can request that the function be aborted. [Gregory Stark [EMAIL PROTECTED], [EMAIL PROTECTED]] o SRP in TLS. [wished by: Dj [EMAIL PROTECTED], Tom Wu [EMAIL PROTECTED], Tom Holroyd [EMAIL PROTECTED]] See http://search.ietf.org/internet-drafts/draft-ietf-tls-srp-00.txt as well as http://www-cs-students.stanford.edu/~tjw/srp/. Tom Holroyd tells us there is a SRP patch for OpenSSH at http://members.tripod.com/professor_tom/archives/, that could be useful. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[STATUS] OpenSSL (Sun 13-Oct-2002)
OpenSSL STATUS Last modified at __ $Date: 2002/08/14 11:07:29 $ DEVELOPMENT STATE o OpenSSL 0.9.8: Under development... o OpenSSL 0.9.7-beta3: Released on July 30th, 2002 o OpenSSL 0.9.7-beta2: Released on June 16th, 2002 o OpenSSL 0.9.7-beta1: Released on June 1st, 2002 o OpenSSL 0.9.6g: Released on August 9th, 2002 o OpenSSL 0.9.6f: Released on August 8th, 2002 o OpenSSL 0.9.6e: Released on July 30th, 2002 o OpenSSL 0.9.6d: Released on May9th, 2002 o OpenSSL 0.9.6c: Released on December 21st, 2001 o OpenSSL 0.9.6b: Released on July 9th, 2001 o OpenSSL 0.9.6a: Released on April 5th, 2001 o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 [See also http://www.openssl.org/support/rt2.html] RELEASE SHOWSTOPPERS o BN_mod_mul verification fails for mips3-sgi-irix unless configured with no-asm AVAILABLE PATCHES o IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. OCSP EVP cipher enhancement. Enhanced certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UI (User Interface) UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. Kerberos 5 authentication Constification OCSP NEEDS PATCH o 0.9.8-dev: COMPLEMENTOFALL and COMPLEMENTOFDEFAULT do not handle ECCdraft cipher suites correctly. o apps/ca.c: Sign the certificate? - n creates empty certificate file o OpenSSL STATUS is never up-to-date. OPEN ISSUES o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) WISHES o Add variants of DH_generate_parameters() and BN_generate_prime() [etc?] where the callback function can request that the function be aborted. [Gregory Stark [EMAIL PROTECTED], [EMAIL PROTECTED]] o SRP in TLS. [wished by: Dj [EMAIL PROTECTED], Tom Wu [EMAIL PROTECTED], Tom Holroyd [EMAIL PROTECTED]] See http://search.ietf.org/internet-drafts/draft-ietf-tls-srp-00.txt as well as http://www-cs-students.stanford.edu/~tjw/srp/. Tom Holroyd tells us there is a SRP patch for OpenSSH at http://members.tripod.com/professor_tom/archives/, that could be useful. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[STATUS] OpenSSL (Sun 29-Sep-2002)
OpenSSL STATUS Last modified at __ $Date: 2002/08/14 11:07:29 $ DEVELOPMENT STATE o OpenSSL 0.9.8: Under development... o OpenSSL 0.9.7-beta3: Released on July 30th, 2002 o OpenSSL 0.9.7-beta2: Released on June 16th, 2002 o OpenSSL 0.9.7-beta1: Released on June 1st, 2002 o OpenSSL 0.9.6g: Released on August 9th, 2002 o OpenSSL 0.9.6f: Released on August 8th, 2002 o OpenSSL 0.9.6e: Released on July 30th, 2002 o OpenSSL 0.9.6d: Released on May9th, 2002 o OpenSSL 0.9.6c: Released on December 21st, 2001 o OpenSSL 0.9.6b: Released on July 9th, 2001 o OpenSSL 0.9.6a: Released on April 5th, 2001 o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 [See also http://www.openssl.org/support/rt2.html] RELEASE SHOWSTOPPERS o BN_mod_mul verification fails for mips3-sgi-irix unless configured with no-asm AVAILABLE PATCHES o IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. OCSP EVP cipher enhancement. Enhanced certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UI (User Interface) UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. Kerberos 5 authentication Constification OCSP NEEDS PATCH o 0.9.8-dev: COMPLEMENTOFALL and COMPLEMENTOFDEFAULT do not handle ECCdraft cipher suites correctly. o apps/ca.c: Sign the certificate? - n creates empty certificate file o OpenSSL STATUS is never up-to-date. OPEN ISSUES o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) WISHES o Add variants of DH_generate_parameters() and BN_generate_prime() [etc?] where the callback function can request that the function be aborted. [Gregory Stark [EMAIL PROTECTED], [EMAIL PROTECTED]] o SRP in TLS. [wished by: Dj [EMAIL PROTECTED], Tom Wu [EMAIL PROTECTED], Tom Holroyd [EMAIL PROTECTED]] See http://search.ietf.org/internet-drafts/draft-ietf-tls-srp-00.txt as well as http://www-cs-students.stanford.edu/~tjw/srp/. Tom Holroyd tells us there is a SRP patch for OpenSSH at http://members.tripod.com/professor_tom/archives/, that could be useful. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[STATUS] OpenSSL (Sun 22-Sep-2002)
OpenSSL STATUS Last modified at __ $Date: 2002/08/14 11:07:29 $ DEVELOPMENT STATE o OpenSSL 0.9.8: Under development... o OpenSSL 0.9.7-beta3: Released on July 30th, 2002 o OpenSSL 0.9.7-beta2: Released on June 16th, 2002 o OpenSSL 0.9.7-beta1: Released on June 1st, 2002 o OpenSSL 0.9.6g: Released on August 9th, 2002 o OpenSSL 0.9.6f: Released on August 8th, 2002 o OpenSSL 0.9.6e: Released on July 30th, 2002 o OpenSSL 0.9.6d: Released on May9th, 2002 o OpenSSL 0.9.6c: Released on December 21st, 2001 o OpenSSL 0.9.6b: Released on July 9th, 2001 o OpenSSL 0.9.6a: Released on April 5th, 2001 o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 [See also http://www.openssl.org/support/rt2.html] RELEASE SHOWSTOPPERS o BN_mod_mul verification fails for mips3-sgi-irix unless configured with no-asm AVAILABLE PATCHES o IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. OCSP EVP cipher enhancement. Enhanced certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UI (User Interface) UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. Kerberos 5 authentication Constification OCSP NEEDS PATCH o 0.9.8-dev: COMPLEMENTOFALL and COMPLEMENTOFDEFAULT do not handle ECCdraft cipher suites correctly. o apps/ca.c: Sign the certificate? - n creates empty certificate file o OpenSSL STATUS is never up-to-date. OPEN ISSUES o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) WISHES o Add variants of DH_generate_parameters() and BN_generate_prime() [etc?] where the callback function can request that the function be aborted. [Gregory Stark [EMAIL PROTECTED], [EMAIL PROTECTED]] o SRP in TLS. [wished by: Dj [EMAIL PROTECTED], Tom Wu [EMAIL PROTECTED], Tom Holroyd [EMAIL PROTECTED]] See http://search.ietf.org/internet-drafts/draft-ietf-tls-srp-00.txt as well as http://www-cs-students.stanford.edu/~tjw/srp/. Tom Holroyd tells us there is a SRP patch for OpenSSH at http://members.tripod.com/professor_tom/archives/, that could be useful. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[STATUS] OpenSSL (Sun 8-Sep-2002)
OpenSSL STATUS Last modified at __ $Date: 2002/08/14 11:07:29 $ DEVELOPMENT STATE o OpenSSL 0.9.8: Under development... o OpenSSL 0.9.7-beta3: Released on July 30th, 2002 o OpenSSL 0.9.7-beta2: Released on June 16th, 2002 o OpenSSL 0.9.7-beta1: Released on June 1st, 2002 o OpenSSL 0.9.6g: Released on August 9th, 2002 o OpenSSL 0.9.6f: Released on August 8th, 2002 o OpenSSL 0.9.6e: Released on July 30th, 2002 o OpenSSL 0.9.6d: Released on May9th, 2002 o OpenSSL 0.9.6c: Released on December 21st, 2001 o OpenSSL 0.9.6b: Released on July 9th, 2001 o OpenSSL 0.9.6a: Released on April 5th, 2001 o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 [See also http://www.openssl.org/support/rt2.html] RELEASE SHOWSTOPPERS o BN_mod_mul verification fails for mips3-sgi-irix unless configured with no-asm AVAILABLE PATCHES o IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. OCSP EVP cipher enhancement. Enhanced certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UI (User Interface) UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. Kerberos 5 authentication Constification OCSP NEEDS PATCH o 0.9.8-dev: COMPLEMENTOFALL and COMPLEMENTOFDEFAULT do not handle ECCdraft cipher suites correctly. o apps/ca.c: Sign the certificate? - n creates empty certificate file o OpenSSL STATUS is never up-to-date. OPEN ISSUES o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) WISHES o Add variants of DH_generate_parameters() and BN_generate_prime() [etc?] where the callback function can request that the function be aborted. [Gregory Stark [EMAIL PROTECTED], [EMAIL PROTECTED]] o SRP in TLS. [wished by: Dj [EMAIL PROTECTED], Tom Wu [EMAIL PROTECTED], Tom Holroyd [EMAIL PROTECTED]] See http://search.ietf.org/internet-drafts/draft-ietf-tls-srp-00.txt as well as http://www-cs-students.stanford.edu/~tjw/srp/. Tom Holroyd tells us there is a SRP patch for OpenSSH at http://members.tripod.com/professor_tom/archives/, that could be useful. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[STATUS] OpenSSL (Sun 1-Sep-2002)
OpenSSL STATUS Last modified at __ $Date: 2002/08/14 11:07:29 $ DEVELOPMENT STATE o OpenSSL 0.9.8: Under development... o OpenSSL 0.9.7-beta3: Released on July 30th, 2002 o OpenSSL 0.9.7-beta2: Released on June 16th, 2002 o OpenSSL 0.9.7-beta1: Released on June 1st, 2002 o OpenSSL 0.9.6g: Released on August 9th, 2002 o OpenSSL 0.9.6f: Released on August 8th, 2002 o OpenSSL 0.9.6e: Released on July 30th, 2002 o OpenSSL 0.9.6d: Released on May9th, 2002 o OpenSSL 0.9.6c: Released on December 21st, 2001 o OpenSSL 0.9.6b: Released on July 9th, 2001 o OpenSSL 0.9.6a: Released on April 5th, 2001 o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 [See also http://www.openssl.org/support/rt2.html] RELEASE SHOWSTOPPERS o BN_mod_mul verification fails for mips3-sgi-irix unless configured with no-asm AVAILABLE PATCHES o IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. OCSP EVP cipher enhancement. Enhanced certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UI (User Interface) UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. Kerberos 5 authentication Constification OCSP NEEDS PATCH o 0.9.8-dev: COMPLEMENTOFALL and COMPLEMENTOFDEFAULT do not handle ECCdraft cipher suites correctly. o apps/ca.c: Sign the certificate? - n creates empty certificate file o OpenSSL STATUS is never up-to-date. OPEN ISSUES o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) WISHES o Add variants of DH_generate_parameters() and BN_generate_prime() [etc?] where the callback function can request that the function be aborted. [Gregory Stark [EMAIL PROTECTED], [EMAIL PROTECTED]] o SRP in TLS. [wished by: Dj [EMAIL PROTECTED], Tom Wu [EMAIL PROTECTED], Tom Holroyd [EMAIL PROTECTED]] See http://search.ietf.org/internet-drafts/draft-ietf-tls-srp-00.txt as well as http://www-cs-students.stanford.edu/~tjw/srp/. Tom Holroyd tells us there is a SRP patch for OpenSSH at http://members.tripod.com/professor_tom/archives/, that could be useful. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[STATUS] OpenSSL (Sun 25-Aug-2002)
OpenSSL STATUS Last modified at __ $Date: 2002/08/14 11:07:29 $ DEVELOPMENT STATE o OpenSSL 0.9.8: Under development... o OpenSSL 0.9.7-beta3: Released on July 30th, 2002 o OpenSSL 0.9.7-beta2: Released on June 16th, 2002 o OpenSSL 0.9.7-beta1: Released on June 1st, 2002 o OpenSSL 0.9.6g: Released on August 9th, 2002 o OpenSSL 0.9.6f: Released on August 8th, 2002 o OpenSSL 0.9.6e: Released on July 30th, 2002 o OpenSSL 0.9.6d: Released on May9th, 2002 o OpenSSL 0.9.6c: Released on December 21st, 2001 o OpenSSL 0.9.6b: Released on July 9th, 2001 o OpenSSL 0.9.6a: Released on April 5th, 2001 o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 [See also http://www.openssl.org/support/rt2.html] RELEASE SHOWSTOPPERS o BN_mod_mul verification fails for mips3-sgi-irix unless configured with no-asm AVAILABLE PATCHES o IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. OCSP EVP cipher enhancement. Enhanced certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UI (User Interface) UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. Kerberos 5 authentication Constification OCSP NEEDS PATCH o 0.9.8-dev: COMPLEMENTOFALL and COMPLEMENTOFDEFAULT do not handle ECCdraft cipher suites correctly. o apps/ca.c: Sign the certificate? - n creates empty certificate file o OpenSSL STATUS is never up-to-date. OPEN ISSUES o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) WISHES o Add variants of DH_generate_parameters() and BN_generate_prime() [etc?] where the callback function can request that the function be aborted. [Gregory Stark [EMAIL PROTECTED], [EMAIL PROTECTED]] o SRP in TLS. [wished by: Dj [EMAIL PROTECTED], Tom Wu [EMAIL PROTECTED], Tom Holroyd [EMAIL PROTECTED]] See http://search.ietf.org/internet-drafts/draft-ietf-tls-srp-00.txt as well as http://www-cs-students.stanford.edu/~tjw/srp/. Tom Holroyd tells us there is a SRP patch for OpenSSH at http://members.tripod.com/professor_tom/archives/, that could be useful. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[STATUS] OpenSSL (Sun 18-Aug-2002)
OpenSSL STATUS Last modified at __ $Date: 2002/08/14 11:07:29 $ DEVELOPMENT STATE o OpenSSL 0.9.8: Under development... o OpenSSL 0.9.7-beta3: Released on July 30th, 2002 o OpenSSL 0.9.7-beta2: Released on June 16th, 2002 o OpenSSL 0.9.7-beta1: Released on June 1st, 2002 o OpenSSL 0.9.6g: Released on August 9th, 2002 o OpenSSL 0.9.6f: Released on August 8th, 2002 o OpenSSL 0.9.6e: Released on July 30th, 2002 o OpenSSL 0.9.6d: Released on May9th, 2002 o OpenSSL 0.9.6c: Released on December 21st, 2001 o OpenSSL 0.9.6b: Released on July 9th, 2001 o OpenSSL 0.9.6a: Released on April 5th, 2001 o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 [See also http://www.openssl.org/support/rt2.html] RELEASE SHOWSTOPPERS o BN_mod_mul verification fails for mips3-sgi-irix unless configured with no-asm AVAILABLE PATCHES o IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. OCSP EVP cipher enhancement. Enhanced certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UI (User Interface) UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. Kerberos 5 authentication Constification OCSP NEEDS PATCH o 0.9.8-dev: COMPLEMENTOFALL and COMPLEMENTOFDEFAULT do not handle ECCdraft cipher suites correctly. o apps/ca.c: Sign the certificate? - n creates empty certificate file o OpenSSL STATUS is never up-to-date. OPEN ISSUES o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) WISHES o Add variants of DH_generate_parameters() and BN_generate_prime() [etc?] where the callback function can request that the function be aborted. [Gregory Stark [EMAIL PROTECTED], [EMAIL PROTECTED]] o SRP in TLS. [wished by: Dj [EMAIL PROTECTED], Tom Wu [EMAIL PROTECTED], Tom Holroyd [EMAIL PROTECTED]] See http://search.ietf.org/internet-drafts/draft-ietf-tls-srp-00.txt as well as http://www-cs-students.stanford.edu/~tjw/srp/. Tom Holroyd tells us there is a SRP patch for OpenSSH at http://members.tripod.com/professor_tom/archives/, that could be useful. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[STATUS] OpenSSL (Sun 4-Aug-2002)
OpenSSL STATUS Last modified at __ $Date: 2002/07/30 11:32:47 $ DEVELOPMENT STATE o OpenSSL 0.9.8: Under development... o OpenSSL 0.9.7-beta3: Released on July 30th, 2002 o OpenSSL 0.9.7-beta2: Released on June 16th, 2002 o OpenSSL 0.9.7-beta1: Released on June 1st, 2002 o OpenSSL 0.9.6e: Released on July 30th, 2002 o OpenSSL 0.9.6d: Released on May9th, 2002 o OpenSSL 0.9.6c: Released on December 21st, 2001 o OpenSSL 0.9.6b: Released on July 9th, 2001 o OpenSSL 0.9.6a: Released on April 5th, 2001 o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 [See also http://www.openssl.org/support/rt2.html] RELEASE SHOWSTOPPERS o BN_mod_mul verification fails for mips3-sgi-irix unless configured with no-asm AVAILABLE PATCHES o IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. OCSP EVP cipher enhancement. Enhanced certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UI (User Interface) UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. Kerberos 5 authentication Constification OCSP NEEDS PATCH o apps/ca.c: Sign the certificate? - n creates empty certificate file o OpenSSL STATUS is never up-to-date. OPEN ISSUES o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) WISHES o Add variants of DH_generate_parameters() and BN_generate_prime() [etc?] where the callback function can request that the function be aborted. [Gregory Stark [EMAIL PROTECTED], [EMAIL PROTECTED]] o SRP in TLS. [wished by: Dj [EMAIL PROTECTED], Tom Wu [EMAIL PROTECTED], Tom Holroyd [EMAIL PROTECTED]] See http://search.ietf.org/internet-drafts/draft-ietf-tls-srp-00.txt as well as http://www-cs-students.stanford.edu/~tjw/srp/. Tom Holroyd tells us there is a SRP patch for OpenSSH at http://members.tripod.com/professor_tom/archives/, that could be useful. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[STATUS] OpenSSL (Sun 28-Jul-2002)
OpenSSL STATUS Last modified at __ $Date: 2002/06/16 18:20:28 $ DEVELOPMENT STATE o OpenSSL 0.9.8: Under development... o OpenSSL 0.9.7-beta2: Released on June 16th, 2002 o OpenSSL 0.9.7-beta1: Released on June 1st, 2002 o OpenSSL 0.9.6d: Released on May9th, 2002 o OpenSSL 0.9.6c: Released on December 21st, 2001 o OpenSSL 0.9.6b: Released on July 9th, 2001 o OpenSSL 0.9.6a: Released on April 5th, 2001 o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 [See also http://www.openssl.org/support/rt2.html] RELEASE SHOWSTOPPERS o BN_mod_mul verification fails for mips3-sgi-irix unless configured with no-asm AVAILABLE PATCHES o IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. OCSP EVP cipher enhancement. Enhanced certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UI (User Interface) UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. Kerberos 5 authentication Constification OCSP NEEDS PATCH o apps/ca.c: Sign the certificate? - n creates empty certificate file o OpenSSL STATUS is never up-to-date. OPEN ISSUES o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) WISHES o Add variants of DH_generate_parameters() and BN_generate_prime() [etc?] where the callback function can request that the function be aborted. [Gregory Stark [EMAIL PROTECTED], [EMAIL PROTECTED]] o SRP in TLS. [wished by: Dj [EMAIL PROTECTED], Tom Wu [EMAIL PROTECTED], Tom Holroyd [EMAIL PROTECTED]] See http://search.ietf.org/internet-drafts/draft-ietf-tls-srp-00.txt as well as http://www-cs-students.stanford.edu/~tjw/srp/. Tom Holroyd tells us there is a SRP patch for OpenSSH at http://members.tripod.com/professor_tom/archives/, that could be useful. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[STATUS] OpenSSL (Sun 14-Jul-2002)
OpenSSL STATUS Last modified at __ $Date: 2002/06/16 18:20:28 $ DEVELOPMENT STATE o OpenSSL 0.9.8: Under development... o OpenSSL 0.9.7-beta2: Released on June 16th, 2002 o OpenSSL 0.9.7-beta1: Released on June 1st, 2002 o OpenSSL 0.9.6d: Released on May9th, 2002 o OpenSSL 0.9.6c: Released on December 21st, 2001 o OpenSSL 0.9.6b: Released on July 9th, 2001 o OpenSSL 0.9.6a: Released on April 5th, 2001 o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 [See also http://www.openssl.org/support/rt2.html] RELEASE SHOWSTOPPERS o BN_mod_mul verification fails for mips3-sgi-irix unless configured with no-asm AVAILABLE PATCHES o IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. OCSP EVP cipher enhancement. Enhanced certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UI (User Interface) UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. Kerberos 5 authentication Constification OCSP NEEDS PATCH o apps/ca.c: Sign the certificate? - n creates empty certificate file o OpenSSL STATUS is never up-to-date. OPEN ISSUES o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) WISHES o Add variants of DH_generate_parameters() and BN_generate_prime() [etc?] where the callback function can request that the function be aborted. [Gregory Stark [EMAIL PROTECTED], [EMAIL PROTECTED]] o SRP in TLS. [wished by: Dj [EMAIL PROTECTED], Tom Wu [EMAIL PROTECTED], Tom Holroyd [EMAIL PROTECTED]] See http://search.ietf.org/internet-drafts/draft-ietf-tls-srp-00.txt as well as http://www-cs-students.stanford.edu/~tjw/srp/. Tom Holroyd tells us there is a SRP patch for OpenSSH at http://members.tripod.com/professor_tom/archives/, that could be useful. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[STATUS] OpenSSL (Sun 7-Jul-2002)
OpenSSL STATUS Last modified at __ $Date: 2002/06/16 18:20:28 $ DEVELOPMENT STATE o OpenSSL 0.9.8: Under development... o OpenSSL 0.9.7-beta2: Released on June 16th, 2002 o OpenSSL 0.9.7-beta1: Released on June 1st, 2002 o OpenSSL 0.9.6d: Released on May9th, 2002 o OpenSSL 0.9.6c: Released on December 21st, 2001 o OpenSSL 0.9.6b: Released on July 9th, 2001 o OpenSSL 0.9.6a: Released on April 5th, 2001 o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 [See also http://www.openssl.org/support/rt2.html] RELEASE SHOWSTOPPERS o BN_mod_mul verification fails for mips3-sgi-irix unless configured with no-asm AVAILABLE PATCHES o IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. OCSP EVP cipher enhancement. Enhanced certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UI (User Interface) UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. Kerberos 5 authentication Constification OCSP NEEDS PATCH o apps/ca.c: Sign the certificate? - n creates empty certificate file o OpenSSL STATUS is never up-to-date. OPEN ISSUES o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) WISHES o Add variants of DH_generate_parameters() and BN_generate_prime() [etc?] where the callback function can request that the function be aborted. [Gregory Stark [EMAIL PROTECTED], [EMAIL PROTECTED]] o SRP in TLS. [wished by: Dj [EMAIL PROTECTED], Tom Wu [EMAIL PROTECTED], Tom Holroyd [EMAIL PROTECTED]] See http://search.ietf.org/internet-drafts/draft-ietf-tls-srp-00.txt as well as http://www-cs-students.stanford.edu/~tjw/srp/. Tom Holroyd tells us there is a SRP patch for OpenSSH at http://members.tripod.com/professor_tom/archives/, that could be useful. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[STATUS] OpenSSL (Sun 30-Jun-2002)
OpenSSL STATUS Last modified at __ $Date: 2002/06/16 18:20:28 $ DEVELOPMENT STATE o OpenSSL 0.9.8: Under development... o OpenSSL 0.9.7-beta2: Released on June 16th, 2002 o OpenSSL 0.9.7-beta1: Released on June 1st, 2002 o OpenSSL 0.9.6d: Released on May9th, 2002 o OpenSSL 0.9.6c: Released on December 21st, 2001 o OpenSSL 0.9.6b: Released on July 9th, 2001 o OpenSSL 0.9.6a: Released on April 5th, 2001 o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 [See also http://www.openssl.org/support/rt2.html] RELEASE SHOWSTOPPERS o BN_mod_mul verification fails for mips3-sgi-irix unless configured with no-asm AVAILABLE PATCHES o IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. OCSP EVP cipher enhancement. Enhanced certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UI (User Interface) UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. Kerberos 5 authentication Constification OCSP NEEDS PATCH o apps/ca.c: Sign the certificate? - n creates empty certificate file o OpenSSL STATUS is never up-to-date. OPEN ISSUES o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) WISHES o Add variants of DH_generate_parameters() and BN_generate_prime() [etc?] where the callback function can request that the function be aborted. [Gregory Stark [EMAIL PROTECTED], [EMAIL PROTECTED]] o SRP in TLS. [wished by: Dj [EMAIL PROTECTED], Tom Wu [EMAIL PROTECTED], Tom Holroyd [EMAIL PROTECTED]] See http://search.ietf.org/internet-drafts/draft-ietf-tls-srp-00.txt as well as http://www-cs-students.stanford.edu/~tjw/srp/. Tom Holroyd tells us there is a SRP patch for OpenSSH at http://members.tripod.com/professor_tom/archives/, that could be useful. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[STATUS] OpenSSL (Sun 23-Jun-2002)
OpenSSL STATUS Last modified at __ $Date: 2002/06/16 18:20:28 $ DEVELOPMENT STATE o OpenSSL 0.9.8: Under development... o OpenSSL 0.9.7-beta2: Released on June 16th, 2002 o OpenSSL 0.9.7-beta1: Released on June 1st, 2002 o OpenSSL 0.9.6d: Released on May9th, 2002 o OpenSSL 0.9.6c: Released on December 21st, 2001 o OpenSSL 0.9.6b: Released on July 9th, 2001 o OpenSSL 0.9.6a: Released on April 5th, 2001 o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 [See also http://www.openssl.org/support/rt2.html] RELEASE SHOWSTOPPERS o BN_mod_mul verification fails for mips3-sgi-irix unless configured with no-asm AVAILABLE PATCHES o IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. OCSP EVP cipher enhancement. Enhanced certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UI (User Interface) UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. Kerberos 5 authentication Constification OCSP NEEDS PATCH o apps/ca.c: Sign the certificate? - n creates empty certificate file o OpenSSL STATUS is never up-to-date. OPEN ISSUES o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) WISHES o Add variants of DH_generate_parameters() and BN_generate_prime() [etc?] where the callback function can request that the function be aborted. [Gregory Stark [EMAIL PROTECTED], [EMAIL PROTECTED]] o SRP in TLS. [wished by: Dj [EMAIL PROTECTED], Tom Wu [EMAIL PROTECTED], Tom Holroyd [EMAIL PROTECTED]] See http://search.ietf.org/internet-drafts/draft-ietf-tls-srp-00.txt as well as http://www-cs-students.stanford.edu/~tjw/srp/. Tom Holroyd tells us there is a SRP patch for OpenSSH at http://members.tripod.com/professor_tom/archives/, that could be useful. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[STATUS] OpenSSL (Sun 16-Jun-2002)
OpenSSL STATUS Last modified at __ $Date: 2002/06/16 11:33:59 $ DEVELOPMENT STATE o OpenSSL 0.9.8: Under development... o OpenSSL 0.9.7-beta1: Released on June 16th, 2002 o OpenSSL 0.9.7-beta1: Released on June 1st, 2002 o OpenSSL 0.9.6d: Released on May9th, 2002 o OpenSSL 0.9.6c: Released on December 21st, 2001 o OpenSSL 0.9.6b: Released on July 9th, 2001 o OpenSSL 0.9.6a: Released on April 5th, 2001 o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 [See also http://www.openssl.org/support/rt2.html] RELEASE SHOWSTOPPERS o BN_mod_mul verification fails for mips3-sgi-irix unless configured with no-asm AVAILABLE PATCHES o IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. OCSP EVP cipher enhancement. Enhanced certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UI (User Interface) UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. Kerberos 5 authentication Constification OCSP NEEDS PATCH o apps/ca.c: Sign the certificate? - n creates empty certificate file o OpenSSL STATUS is never up-to-date. OPEN ISSUES o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) WISHES o Add variants of DH_generate_parameters() and BN_generate_prime() [etc?] where the callback function can request that the function be aborted. [Gregory Stark [EMAIL PROTECTED], [EMAIL PROTECTED]] o SRP in TLS. [wished by: Dj [EMAIL PROTECTED], Tom Wu [EMAIL PROTECTED], Tom Holroyd [EMAIL PROTECTED]] See http://search.ietf.org/internet-drafts/draft-ietf-tls-srp-00.txt as well as http://www-cs-students.stanford.edu/~tjw/srp/. Tom Holroyd tells us there is a SRP patch for OpenSSH at http://members.tripod.com/professor_tom/archives/, that could be useful. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[STATUS] OpenSSL (Sun 9-Jun-2002)
OpenSSL STATUS Last modified at __ $Date: 2002/06/01 15:33:36 $ DEVELOPMENT STATE o OpenSSL 0.9.8: Under development... o OpenSSL 0.9.7-beta1: Released on June 1st, 2002 o OpenSSL 0.9.6d: Released on May9th, 2002 o OpenSSL 0.9.6c: Released on December 21st, 2001 o OpenSSL 0.9.6b: Released on July 9th, 2001 o OpenSSL 0.9.6a: Released on April 5th, 2001 o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 [See also http://www.openssl.org/support/rt2.html] RELEASE SHOWSTOPPERS o BN_mod_mul verification fails for mips3-sgi-irix unless configured with no-asm AVAILABLE PATCHES o IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. OCSP EVP cipher enhancement. Enhanced certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UI (User Interface) UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. Kerberos 5 authentication Constification OCSP NEEDS PATCH o apps/ca.c: Sign the certificate? - n creates empty certificate file o OpenSSL STATUS is never up-to-date. OPEN ISSUES o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) WISHES o Add variants of DH_generate_parameters() and BN_generate_prime() [etc?] where the callback function can request that the function be aborted. [Gregory Stark [EMAIL PROTECTED], [EMAIL PROTECTED]] o SRP in TLS. [wished by: Dj [EMAIL PROTECTED], Tom Wu [EMAIL PROTECTED], Tom Holroyd [EMAIL PROTECTED]] See http://search.ietf.org/internet-drafts/draft-ietf-tls-srp-00.txt as well as http://www-cs-students.stanford.edu/~tjw/srp/. Tom Holroyd tells us there is a SRP patch for OpenSSH at http://members.tripod.com/professor_tom/archives/, that could be useful. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[STATUS] OpenSSL (Sun 2-Jun-2002)
OpenSSL STATUS Last modified at __ $Date: 2002/06/01 15:33:36 $ DEVELOPMENT STATE o OpenSSL 0.9.8: Under development... o OpenSSL 0.9.7-beta1: Released on June 1st, 2002 o OpenSSL 0.9.6d: Released on May9th, 2002 o OpenSSL 0.9.6c: Released on December 21st, 2001 o OpenSSL 0.9.6b: Released on July 9th, 2001 o OpenSSL 0.9.6a: Released on April 5th, 2001 o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 [See also http://www.openssl.org/support/rt2.html] RELEASE SHOWSTOPPERS o BN_mod_mul verification fails for mips3-sgi-irix unless configured with no-asm AVAILABLE PATCHES o IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. OCSP EVP cipher enhancement. Enhanced certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UI (User Interface) UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. Kerberos 5 authentication Constification OCSP NEEDS PATCH o apps/ca.c: Sign the certificate? - n creates empty certificate file o OpenSSL STATUS is never up-to-date. OPEN ISSUES o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) WISHES o Add variants of DH_generate_parameters() and BN_generate_prime() [etc?] where the callback function can request that the function be aborted. [Gregory Stark [EMAIL PROTECTED], [EMAIL PROTECTED]] o SRP in TLS. [wished by: Dj [EMAIL PROTECTED], Tom Wu [EMAIL PROTECTED], Tom Holroyd [EMAIL PROTECTED]] See http://search.ietf.org/internet-drafts/draft-ietf-tls-srp-00.txt as well as http://www-cs-students.stanford.edu/~tjw/srp/. Tom Holroyd tells us there is a SRP patch for OpenSSH at http://members.tripod.com/professor_tom/archives/, that could be useful. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[STATUS] OpenSSL (Sun 26-May-2002)
OpenSSL STATUS Last modified at __ $Date: 2002/05/16 10:01:53 $ DEVELOPMENT STATE o OpenSSL 0.9.7: Under development... o OpenSSL 0.9.6d: Released on May9th, 2002 o OpenSSL 0.9.6c: Released on December 21st, 2001 o OpenSSL 0.9.6b: Released on July 9th, 2001 o OpenSSL 0.9.6a: Released on April 5th, 2001 o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 [See also http://www.openssl.org/support/rt2.html] RELEASE SHOWSTOPPERS o BN_mod_mul verification fails for mips3-sgi-irix unless configured with no-asm AVAILABLE PATCHES o IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. OCSP EVP cipher enhancement. Enhanced certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UI (User Interface) UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. Kerberos 5 authentication Constification OCSP NEEDS PATCH o apps/ca.c: Sign the certificate? - n creates empty certificate file o OpenSSL STATUS is never up-to-date. OPEN ISSUES o Do we want the EVP API changes in 0.9.7? Can compatibility be improved? o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) WISHES o Add variants of DH_generate_parameters() and BN_generate_prime() [etc?] where the callback function can request that the function be aborted. [Gregory Stark [EMAIL PROTECTED], [EMAIL PROTECTED]] o SRP in TLS. [wished by: Dj [EMAIL PROTECTED], Tom Wu [EMAIL PROTECTED], Tom Holroyd [EMAIL PROTECTED]] See http://search.ietf.org/internet-drafts/draft-ietf-tls-srp-00.txt as well as http://www-cs-students.stanford.edu/~tjw/srp/. Tom Holroyd tells us there is a SRP patch for OpenSSH at http://members.tripod.com/professor_tom/archives/, that could be useful. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[STATUS] OpenSSL (Sun 12-May-2002)
OpenSSL STATUS Last modified at __ $Date: 2002/05/09 23:54:02 $ DEVELOPMENT STATE o OpenSSL 0.9.7: Under development... o OpenSSL 0.9.6d: Released on May9th, 2002 o OpenSSL 0.9.6c: Released on December 21st, 2001 o OpenSSL 0.9.6b: Released on July 9th, 2001 o OpenSSL 0.9.6a: Released on April 5th, 2001 o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS o BIGNUM library failures on 64-bit platforms (0.9.7-dev): - BN_mod_mul verificiation (bc) fails for solaris64-sparcv9-cc and other 64-bit platforms Checked on Result alpha-cc (Tru64 version 4.0)works linux-alpha+bwx-gcc doesn't work. Reported by Sean O'Riordain [EMAIL PROTECTED] OpenBSD-sparc64 doesn't work. BN_mod_mul breaks. Needs checked on [add platforms here] - BN_mod_mul verification fails for mips3-sgi-irix unless configured with no-asm AVAILABLE PATCHES o IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. OCSP EVP cipher enhancement. Enhanced certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UI (User Interface) UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. Kerberos 5 authentication Constification OCSP NEEDS PATCH o inappropriate AlgorithmIdentifier used in S/MIME signatures (key type instead of signature algorithm) o AES ciphersuites are not (yet) official and should not be enabled unless explicitly requested o apps/ca.c: Sign the certificate? - n creates empty certificate file o OpenSSL STATUS is never up-to-date. OPEN ISSUES o Do we want the EVP API changes in 0.9.7? Can compatibility be improved? o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) WISHES o Add variants of DH_generate_parameters() and BN_generate_prime() [etc?] where the callback function can request that the function be aborted. [Gregory Stark [EMAIL PROTECTED], [EMAIL PROTECTED]] o SRP in TLS. [wished by: Dj [EMAIL PROTECTED], Tom Wu [EMAIL PROTECTED], Tom Holroyd [EMAIL PROTECTED]] See http://search.ietf.org/internet-drafts/draft-ietf-tls-srp-00.txt as well as http://www-cs-students.stanford.edu/~tjw/srp/. Tom Holroyd tells us there is a SRP patch for OpenSSH at http://members.tripod.com/professor_tom/archives/, that could be useful. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[STATUS] OpenSSL (Sun 28-Apr-2002)
OpenSSL STATUS Last modified at __ $Date: 2002/04/26 08:28:28 $ DEVELOPMENT STATE o OpenSSL 0.9.7: Under development... o OpenSSL 0.9.6c: Released on December 21st, 2001 o OpenSSL 0.9.6b: Released on July 9th, 2001 o OpenSSL 0.9.6a: Released on April 5th, 2001 o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS o BIGNUM library failures on 64-bit platforms (0.9.7-dev): - BN_mod_mul verificiation (bc) fails for solaris64-sparcv9-cc and other 64-bit platforms Checked on Result alpha-cc (Tru64 version 4.0)works linux-alpha+bwx-gcc doesn't work. Reported by Sean O'Riordain [EMAIL PROTECTED] OpenBSD-sparc64 doesn't work. BN_mod_mul breaks. Needs checked on [add platforms here] - BN_mod_mul verification fails for mips3-sgi-irix unless configured with no-asm AVAILABLE PATCHES o IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. OCSP EVP cipher enhancement. Enhanced certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UI (User Interface) UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. Kerberos 5 authentication Constification OCSP NEEDS PATCH o inappropriate AlgorithmIdentifier used in S/MIME signatures (key type instead of signature algorithm) o AES ciphersuites are not (yet) official and should not be enabled unless explicitly requested o apps/ca.c: Sign the certificate? - n creates empty certificate file o OpenSSL STATUS is never up-to-date. OPEN ISSUES o Do we want the EVP API changes in 0.9.7? Can compatibility be improved? o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) WISHES o Add variants of DH_generate_parameters() and BN_generate_prime() [etc?] where the callback function can request that the function be aborted. [Gregory Stark [EMAIL PROTECTED], [EMAIL PROTECTED]] o SRP in TLS. [wished by: Dj [EMAIL PROTECTED], Tom Wu [EMAIL PROTECTED], Tom Holroyd [EMAIL PROTECTED]] See http://search.ietf.org/internet-drafts/draft-ietf-tls-srp-00.txt as well as http://www-cs-students.stanford.edu/~tjw/srp/. Tom Holroyd tells us there is a SRP patch for OpenSSH at http://members.tripod.com/professor_tom/archives/, that could be useful. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[STATUS] OpenSSL (Sun 21-Apr-2002)
OpenSSL STATUS Last modified at __ $Date: 2002/04/13 22:47:04 $ DEVELOPMENT STATE o OpenSSL 0.9.7: Under development... o OpenSSL 0.9.6c: Released on December 21st, 2001 o OpenSSL 0.9.6b: Released on July 9th, 2001 o OpenSSL 0.9.6a: Released on April 5th, 2001 o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS o BIGNUM library failures on 64-bit platforms (0.9.7-dev): - BN_mod_mul verificiation (bc) fails for solaris64-sparcv9-cc and other 64-bit platforms Checked on Result alpha-cc (Tru64 version 4.0)works linux-alpha+bwx-gcc doesn't work. Reported by Sean O'Riordain [EMAIL PROTECTED] OpenBSD-sparc64 doesn't work. BN_mod_mul breaks. Needs checked on [add platforms here] - BN_mod_mul verification fails for mips3-sgi-irix unless configured with no-asm AVAILABLE PATCHES o IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. OCSP EVP cipher enhancement. Enhanced certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UI (User Interface) UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. Kerberos 5 authentication Constification OCSP NEEDS PATCH o apps/ca.c: Sign the certificate? - n creates empty certificate file o OpenSSL STATUS is never up-to-date. OPEN ISSUES o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) WISHES o Add variants of DH_generate_parameters() and BN_generate_prime() [etc?] where the callback function can request that the function be aborted. [Gregory Stark [EMAIL PROTECTED], [EMAIL PROTECTED]] o SRP in TLS. [wished by: Dj [EMAIL PROTECTED], Tom Wu [EMAIL PROTECTED], Tom Holroyd [EMAIL PROTECTED]] See http://search.ietf.org/internet-drafts/draft-ietf-tls-srp-00.txt as well as http://www-cs-students.stanford.edu/~tjw/srp/. Tom Holroyd tells us there is a SRP patch for OpenSSH at http://members.tripod.com/professor_tom/archives/, that could be useful. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[STATUS] OpenSSL (Sun 14-Apr-2002)
OpenSSL STATUS Last modified at __ $Date: 2002/04/13 22:47:04 $ DEVELOPMENT STATE o OpenSSL 0.9.7: Under development... o OpenSSL 0.9.6c: Released on December 21st, 2001 o OpenSSL 0.9.6b: Released on July 9th, 2001 o OpenSSL 0.9.6a: Released on April 5th, 2001 o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS o BIGNUM library failures on 64-bit platforms (0.9.7-dev): - BN_mod_mul verificiation (bc) fails for solaris64-sparcv9-cc and other 64-bit platforms Checked on Result alpha-cc (Tru64 version 4.0)works linux-alpha+bwx-gcc doesn't work. Reported by Sean O'Riordain [EMAIL PROTECTED] OpenBSD-sparc64 doesn't work. BN_mod_mul breaks. Needs checked on [add platforms here] - BN_mod_mul verification fails for mips3-sgi-irix unless configured with no-asm AVAILABLE PATCHES o IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. OCSP EVP cipher enhancement. Enhanced certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UI (User Interface) UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. Kerberos 5 authentication Constification OCSP NEEDS PATCH o apps/ca.c: Sign the certificate? - n creates empty certificate file o OpenSSL STATUS is never up-to-date. OPEN ISSUES o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) WISHES o Add variants of DH_generate_parameters() and BN_generate_prime() [etc?] where the callback function can request that the function be aborted. [Gregory Stark [EMAIL PROTECTED], [EMAIL PROTECTED]] o SRP in TLS. [wished by: Dj [EMAIL PROTECTED], Tom Wu [EMAIL PROTECTED], Tom Holroyd [EMAIL PROTECTED]] See http://search.ietf.org/internet-drafts/draft-ietf-tls-srp-00.txt as well as http://www-cs-students.stanford.edu/~tjw/srp/. Tom Holroyd tells us there is a SRP patch for OpenSSH at http://members.tripod.com/professor_tom/archives/, that could be useful. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[STATUS] OpenSSL (Sun 7-Apr-2002)
OpenSSL STATUS Last modified at __ $Date: 2002/03/11 09:36:04 $ DEVELOPMENT STATE o OpenSSL 0.9.7: Under development... o OpenSSL 0.9.6c: Released on December 21st, 2001 o OpenSSL 0.9.6b: Released on July 9th, 2001 o OpenSSL 0.9.6a: Released on April 5th, 2001 o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS o BIGNUM library failures on 64-bit platforms (0.9.7-dev): - BN_mod_mul verificiation (bc) fails for solaris64-sparcv9-cc and other 64-bit platforms Checked on Result alpha-cc (Tru64 version 4.0)works linux-alpha+bwx-gcc doesn't work. Reported by Sean O'Riordain [EMAIL PROTECTED] OpenBSD-sparc64 doesn't work. BN_mod_mul breaks. Needs checked on [add platforms here] - BN_mod_mul verification fails for mips3-sgi-irix unless configured with no-asm AVAILABLE PATCHES o IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. OCSP EVP cipher enhancement. Enhanced certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UI (User Interface) UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. Kerberos 5 authentication Constification OCSP NEEDS PATCH o An (optional) countermeasure against the predictable-IV CBC weakness in SSL/TLS should be added; see http://www.openssl.org/~bodo/tls-cbc.txt o apps/ca.c: Sign the certificate? - n creates empty certificate file o OpenSSL STATUS is never up-to-date. OPEN ISSUES o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) WISHES o Add variants of DH_generate_parameters() and BN_generate_prime() [etc?] where the callback function can request that the function be aborted. [Gregory Stark [EMAIL PROTECTED], [EMAIL PROTECTED]] o SRP in TLS. [wished by: Dj [EMAIL PROTECTED], Tom Wu [EMAIL PROTECTED], Tom Holroyd [EMAIL PROTECTED]] See http://search.ietf.org/internet-drafts/draft-ietf-tls-srp-00.txt as well as http://www-cs-students.stanford.edu/~tjw/srp/. Tom Holroyd tells us there is a SRP patch for OpenSSH at http://members.tripod.com/professor_tom/archives/, that could be useful. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[STATUS] OpenSSL (Sun 31-Mar-2002)
OpenSSL STATUS Last modified at __ $Date: 2002/03/11 09:36:04 $ DEVELOPMENT STATE o OpenSSL 0.9.7: Under development... o OpenSSL 0.9.6c: Released on December 21st, 2001 o OpenSSL 0.9.6b: Released on July 9th, 2001 o OpenSSL 0.9.6a: Released on April 5th, 2001 o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS o BIGNUM library failures on 64-bit platforms (0.9.7-dev): - BN_mod_mul verificiation (bc) fails for solaris64-sparcv9-cc and other 64-bit platforms Checked on Result alpha-cc (Tru64 version 4.0)works linux-alpha+bwx-gcc doesn't work. Reported by Sean O'Riordain [EMAIL PROTECTED] OpenBSD-sparc64 doesn't work. BN_mod_mul breaks. Needs checked on [add platforms here] - BN_mod_mul verification fails for mips3-sgi-irix unless configured with no-asm AVAILABLE PATCHES o IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. OCSP EVP cipher enhancement. Enhanced certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UI (User Interface) UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. Kerberos 5 authentication Constification OCSP NEEDS PATCH o An (optional) countermeasure against the predictable-IV CBC weakness in SSL/TLS should be added; see http://www.openssl.org/~bodo/tls-cbc.txt o apps/ca.c: Sign the certificate? - n creates empty certificate file o OpenSSL STATUS is never up-to-date. OPEN ISSUES o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) WISHES o Add variants of DH_generate_parameters() and BN_generate_prime() [etc?] where the callback function can request that the function be aborted. [Gregory Stark [EMAIL PROTECTED], [EMAIL PROTECTED]] o SRP in TLS. [wished by: Dj [EMAIL PROTECTED], Tom Wu [EMAIL PROTECTED], Tom Holroyd [EMAIL PROTECTED]] See http://search.ietf.org/internet-drafts/draft-ietf-tls-srp-00.txt as well as http://www-cs-students.stanford.edu/~tjw/srp/. Tom Holroyd tells us there is a SRP patch for OpenSSH at http://members.tripod.com/professor_tom/archives/, that could be useful. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[STATUS] OpenSSL (Sun 24-Mar-2002)
OpenSSL STATUS Last modified at __ $Date: 2002/03/11 09:36:04 $ DEVELOPMENT STATE o OpenSSL 0.9.7: Under development... o OpenSSL 0.9.6c: Released on December 21st, 2001 o OpenSSL 0.9.6b: Released on July 9th, 2001 o OpenSSL 0.9.6a: Released on April 5th, 2001 o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS o BIGNUM library failures on 64-bit platforms (0.9.7-dev): - BN_mod_mul verificiation (bc) fails for solaris64-sparcv9-cc and other 64-bit platforms Checked on Result alpha-cc (Tru64 version 4.0)works linux-alpha+bwx-gcc doesn't work. Reported by Sean O'Riordain [EMAIL PROTECTED] OpenBSD-sparc64 doesn't work. BN_mod_mul breaks. Needs checked on [add platforms here] - BN_mod_mul verification fails for mips3-sgi-irix unless configured with no-asm AVAILABLE PATCHES o IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. OCSP EVP cipher enhancement. Enhanced certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UI (User Interface) UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. Kerberos 5 authentication Constification OCSP NEEDS PATCH o An (optional) countermeasure against the predictable-IV CBC weakness in SSL/TLS should be added; see http://www.openssl.org/~bodo/tls-cbc.txt o apps/ca.c: Sign the certificate? - n creates empty certificate file o OpenSSL STATUS is never up-to-date. OPEN ISSUES o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) WISHES o Add variants of DH_generate_parameters() and BN_generate_prime() [etc?] where the callback function can request that the function be aborted. [Gregory Stark [EMAIL PROTECTED], [EMAIL PROTECTED]] o SRP in TLS. [wished by: Dj [EMAIL PROTECTED], Tom Wu [EMAIL PROTECTED], Tom Holroyd [EMAIL PROTECTED]] See http://search.ietf.org/internet-drafts/draft-ietf-tls-srp-00.txt as well as http://www-cs-students.stanford.edu/~tjw/srp/. Tom Holroyd tells us there is a SRP patch for OpenSSH at http://members.tripod.com/professor_tom/archives/, that could be useful. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[STATUS] OpenSSL (Sun 17-Mar-2002)
OpenSSL STATUS Last modified at __ $Date: 2002/03/11 09:36:04 $ DEVELOPMENT STATE o OpenSSL 0.9.7: Under development... o OpenSSL 0.9.6c: Released on December 21st, 2001 o OpenSSL 0.9.6b: Released on July 9th, 2001 o OpenSSL 0.9.6a: Released on April 5th, 2001 o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS o BIGNUM library failures on 64-bit platforms (0.9.7-dev): - BN_mod_mul verificiation (bc) fails for solaris64-sparcv9-cc and other 64-bit platforms Checked on Result alpha-cc (Tru64 version 4.0)works linux-alpha+bwx-gcc doesn't work. Reported by Sean O'Riordain [EMAIL PROTECTED] OpenBSD-sparc64 doesn't work. BN_mod_mul breaks. Needs checked on [add platforms here] - BN_mod_mul verification fails for mips3-sgi-irix unless configured with no-asm AVAILABLE PATCHES o IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. OCSP EVP cipher enhancement. Enhanced certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UI (User Interface) UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. Kerberos 5 authentication Constification OCSP NEEDS PATCH o An (optional) countermeasure against the predictable-IV CBC weakness in SSL/TLS should be added; see http://www.openssl.org/~bodo/tls-cbc.txt o apps/ca.c: Sign the certificate? - n creates empty certificate file o OpenSSL STATUS is never up-to-date. OPEN ISSUES o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) WISHES o Add variants of DH_generate_parameters() and BN_generate_prime() [etc?] where the callback function can request that the function be aborted. [Gregory Stark [EMAIL PROTECTED], [EMAIL PROTECTED]] o SRP in TLS. [wished by: Dj [EMAIL PROTECTED], Tom Wu [EMAIL PROTECTED], Tom Holroyd [EMAIL PROTECTED]] See http://search.ietf.org/internet-drafts/draft-ietf-tls-srp-00.txt as well as http://www-cs-students.stanford.edu/~tjw/srp/. Tom Holroyd tells us there is a SRP patch for OpenSSH at http://members.tripod.com/professor_tom/archives/, that could be useful. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[STATUS] OpenSSL (Sun 10-Mar-2002)
OpenSSL STATUS Last modified at __ $Date: 2002/03/06 06:25:31 $ DEVELOPMENT STATE o OpenSSL 0.9.7: Under development... o OpenSSL 0.9.6c: Released on December 21st, 2001 o OpenSSL 0.9.6b: Released on July 9th, 2001 o OpenSSL 0.9.6a: Released on April 5th, 2001 o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS o BIGNUM library failures on 64-bit platforms (0.9.7-dev): - BN_mod_mul verificiation (bc) fails for solaris64-sparcv9-cc Checked on Result alpha-cc (Tru64 version 4.0)works linux-alpha+bwx-gcc doesn't work. Reported by Sean O'Riordain [EMAIL PROTECTED] OpenBSD-sparc64 doesn't work. BN_mod_mul breaks. Needs checked on [add platforms here] AVAILABLE PATCHES o IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. OCSP EVP cipher enhancement. Enhanced certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UI (User Interface) UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. Kerberos 5 authentication Constification OCSP NEEDS PATCH o An (optional) countermeasure against the predictable-IV CBC weakness in SSL/TLS should be added; see http://www.openssl.org/~bodo/tls-cbc.txt o apps/ca.c: Sign the certificate? - n creates empty certificate file o OpenSSL STATUS is never up-to-date. OPEN ISSUES o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) WISHES o Add variants of DH_generate_parameters() and BN_generate_prime() [etc?] where the callback function can request that the function be aborted. [Gregory Stark [EMAIL PROTECTED], [EMAIL PROTECTED]] o SRP in TLS. [wished by: Dj [EMAIL PROTECTED], Tom Wu [EMAIL PROTECTED], Tom Holroyd [EMAIL PROTECTED]] See http://search.ietf.org/internet-drafts/draft-ietf-tls-srp-00.txt as well as http://www-cs-students.stanford.edu/~tjw/srp/. Tom Holroyd tells us there is a SRP patch for OpenSSH at http://members.tripod.com/professor_tom/archives/, that could be useful. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[STATUS] OpenSSL (Sun 3-Mar-2002)
OpenSSL STATUS Last modified at __ $Date: 2002/02/28 22:07:50 $ DEVELOPMENT STATE o OpenSSL 0.9.7: Under development... o OpenSSL 0.9.6c: Released on December 21st, 2001 o OpenSSL 0.9.6b: Released on July 9th, 2001 o OpenSSL 0.9.6a: Released on April 5th, 2001 o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS o BIGNUM library failures on 64-bit platforms (0.9.7-dev): - BN_mod_mul verificiation (bc) fails for solaris64-sparcv9-cc Checked on Result alpha-cc (Tru64 version 4.0)works linux-alpha+bwx-gcc doesn't work. Reported by Sean O'Riordain [EMAIL PROTECTED] Needs checked on [add platforms here] AVAILABLE PATCHES o IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. OCSP EVP cipher enhancement. Enhanced certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UI (User Interface) UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. Kerberos 5 authentication Constification OCSP NEEDS PATCH o An (optional) countermeasure against the predictable-IV CBC weakness in SSL/TLS should be added; see http://www.openssl.org/~bodo/tls-cbc.txt o apps/ca.c: Sign the certificate? - n creates empty certificate file o OpenSSL STATUS is never up-to-date. OPEN ISSUES o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) WISHES o Add variants of DH_generate_parameters() and BN_generate_prime() [etc?] where the callback function can request that the function be aborted. [Gregory Stark [EMAIL PROTECTED], [EMAIL PROTECTED]] o SRP in TLS. [wished by: Dj [EMAIL PROTECTED], Tom Wu [EMAIL PROTECTED], Tom Holroyd [EMAIL PROTECTED]] See http://search.ietf.org/internet-drafts/draft-ietf-tls-srp-00.txt as well as http://www-cs-students.stanford.edu/~tjw/srp/; Tom Holroyd tells us there is a SRP patch for OpenSSH at http://members.tripod.com/professor_tom/archives/, that could be useful. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[STATUS] OpenSSL (Sun 24-Feb-2002)
OpenSSL STATUS Last modified at __ $Date: 2002/02/21 17:23:04 $ DEVELOPMENT STATE o OpenSSL 0.9.7: Under development... o OpenSSL 0.9.6c: Released on December 21st, 2001 o OpenSSL 0.9.6b: Released on July 9th, 2001 o OpenSSL 0.9.6a: Released on April 5th, 2001 o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS o BIGNUM library failures on 64-bit platforms (0.9.7-dev): - BN_mod_mul verificiation (bc) fails for solaris64-sparcv9-cc Checked on Result alpha-cc (Tru64 version 4.0)works linux-alpha+bwx-gcc doesn't work. Reported by Sean O'Riordain [EMAIL PROTECTED] Needs checked on [add platforms here] AVAILABLE PATCHES o IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. OCSP EVP cipher enhancement. Enhanced certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UI (User Interface) UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. Kerberos 5 authentication Constification OCSP NEEDS PATCH o An (optional) countermeasure against the predictable-IV CBC weakness in SSL/TLS should be added; see http://www.openssl.org/~bodo/tls-cbc.txt o apps/ca.c: Sign the certificate? - n creates empty certificate file o Whenever strncpy is used, make sure the resulting string is NULL-terminated or an error is reported o OpenSSL STATUS is never up-to-date. OPEN ISSUES o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) o The perl/ stuff needs a major overhaul. Currently it's totally obsolete. Either we clean it up and enhance it to be up-to-date with the C code or we also could replace it with the really nice Net::SSLeay package we can find under http://www.neuronio.pt/SSLeay.pm.html. Ralf uses this package for a longer time and it works fine and is a nice Perl module. Best would be to convince the author to work for the OpenSSL project and create a Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for us. Status: Ralf thinks we should both contact the author of Net::SSLeay and look how much effort it is to bring Eric's perl/ stuff up to date. Paul +1 WISHES o Add variants of DH_generate_parameters() and BN_generate_prime() [etc?] where the callback function can request that the function be aborted. [Gregory Stark [EMAIL PROTECTED], [EMAIL PROTECTED]] o SRP in TLS. [wished by: Dj [EMAIL PROTECTED], Tom Wu [EMAIL PROTECTED], Tom Holroyd [EMAIL PROTECTED]] See http://search.ietf.org/internet-drafts/draft-ietf-tls-srp-00.txt as well
[STATUS] OpenSSL (Sun 17-Feb-2002)
OpenSSL STATUS Last modified at __ $Date: 2002/02/13 10:21:25 $ DEVELOPMENT STATE o OpenSSL 0.9.7: Under development... o OpenSSL 0.9.6c: Released on December 21st, 2001 o OpenSSL 0.9.6b: Released on July 9th, 2001 o OpenSSL 0.9.6a: Released on April 5th, 2001 o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS o BIGNUM library failures on 64-bit platforms (0.9.7-dev): - BN_mod_mul verificiation (bc) fails for solaris64-sparcv9-cc AVAILABLE PATCHES o IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. OCSP EVP cipher enhancement. Enhanced certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UI (User Interface) UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. Kerberos 5 authentication Constification OCSP NEEDS PATCH o An (optional) countermeasure against the predictable-IV CBC weakness in SSL/TLS should be added; see http://www.openssl.org/~bodo/tls-cbc.txt o All 'openssl' subprograms taking '-des' and '-des3' options should include AES support (0.9.7-dev) o 'openssl speed' should include AES support (0.9.7-dev) o apps/ca.c: Sign the certificate? - n creates empty certificate file o OpenSSL_0_9_6-stable: #include openssl/e_os.h in exported header files is illegal since e_os.h is suitable only for library-internal use. o Whenever strncpy is used, make sure the resulting string is NULL-terminated or an error is reported o OpenSSL STATUS is never up-to-date. OPEN ISSUES o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) o The perl/ stuff needs a major overhaul. Currently it's totally obsolete. Either we clean it up and enhance it to be up-to-date with the C code or we also could replace it with the really nice Net::SSLeay package we can find under http://www.neuronio.pt/SSLeay.pm.html. Ralf uses this package for a longer time and it works fine and is a nice Perl module. Best would be to convince the author to work for the OpenSSL project and create a Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for us. Status: Ralf thinks we should both contact the author of Net::SSLeay and look how much effort it is to bring Eric's perl/ stuff up to date. Paul +1 WISHES o Add variants of DH_generate_parameters() and BN_generate_prime() [etc?] where the callback function can request that the function be aborted. [Gregory Stark [EMAIL PROTECTED], [EMAIL PROTECTED]] o SRP in TLS. [wished by: Dj [EMAIL PROTECTED], Tom Wu [EMAIL PROTECTED], Tom Holroyd [EMAIL PROTECTED]] See http://search.ietf.org/internet
[STATUS] OpenSSL (Sun 10-Feb-2002)
OpenSSL STATUS Last modified at __ $Date: 2002/02/09 01:49:53 $ DEVELOPMENT STATE o OpenSSL 0.9.7: Under development... o OpenSSL 0.9.6c: Released on December 21st, 2001 o OpenSSL 0.9.6b: Released on July 9th, 2001 o OpenSSL 0.9.6a: Released on April 5th, 2001 o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS o BIGNUM library failures on 64-bit platforms (0.9.7-dev): - BN_mod_mul verificiation (bc) fails for solaris64-sparcv9-cc AVAILABLE PATCHES o IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. OCSP EVP cipher enhancement. Enhanced certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UI (User Interface) UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. Kerberos 5 authentication Constification OCSP NEEDS PATCH o All 'openssl' subprograms taking '-des' and '-des3' options should include AES support (0.9.7-dev) o 'openssl speed' should include AES support (0.9.7-dev) o apps/ca.c: Sign the certificate? - n creates empty certificate file o OpenSSL_0_9_6-stable: #include openssl/e_os.h in exported header files is illegal since e_os.h is suitable only for library-internal use. o Whenever strncpy is used, make sure the resulting string is NULL-terminated or an error is reported o OpenSSL STATUS is never up-to-date. OPEN ISSUES o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) o The perl/ stuff needs a major overhaul. Currently it's totally obsolete. Either we clean it up and enhance it to be up-to-date with the C code or we also could replace it with the really nice Net::SSLeay package we can find under http://www.neuronio.pt/SSLeay.pm.html. Ralf uses this package for a longer time and it works fine and is a nice Perl module. Best would be to convince the author to work for the OpenSSL project and create a Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for us. Status: Ralf thinks we should both contact the author of Net::SSLeay and look how much effort it is to bring Eric's perl/ stuff up to date. Paul +1 WISHES o Add variants of DH_generate_parameters() and BN_generate_prime() [etc?] where the callback function can request that the function be aborted. [Gregory Stark [EMAIL PROTECTED], [EMAIL PROTECTED]] o SRP in TLS. [wished by: Dj [EMAIL PROTECTED], Tom Wu [EMAIL PROTECTED], Tom Holroyd [EMAIL PROTECTED]] See http://search.ietf.org/internet-drafts/draft-ietf-tls-srp-00.txt as well as http://www-cs-students.stanford.edu/~tjw/srp/. Tom Holroyd tells us there is a SRP patch for OpenSSH
[STATUS] OpenSSL (Sun 3-Feb-2002)
OpenSSL STATUS Last modified at __ $Date: 2001/12/21 03:23:15 $ DEVELOPMENT STATE o OpenSSL 0.9.7: Under development... o OpenSSL 0.9.6c: Released on December 21st, 2001 o OpenSSL 0.9.6b: Released on July 9th, 2001 o OpenSSL 0.9.6a: Released on April 5th, 2001 o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS o BIGNUM library failures on 64-bit platforms (0.9.7-dev): - BN_mod_mul verificiation (bc) fails for solaris64-sparcv9-cc AVAILABLE PATCHES o IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. OCSP EVP cipher enhancement. Enhanced certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UI (User Interface) UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. Kerberos 5 authentication Constification OCSP NEEDS PATCH o All 'openssl' subprograms taking '-des' and '-des3' options should include AES support (0.9.7-dev) o 'openssl speed' should include AES support (0.9.7-dev) o apps/ca.c: Sign the certificate? - n creates empty certificate file o OpenSSL_0_9_6-stable: #include openssl/e_os.h in exported header files is illegal since e_os.h is suitable only for library-internal use. o Whenever strncpy is used, make sure the resulting string is NULL-terminated or an error is reported o OpenSSL STATUS is never up-to-date. OPEN ISSUES o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) o The perl/ stuff needs a major overhaul. Currently it's totally obsolete. Either we clean it up and enhance it to be up-to-date with the C code or we also could replace it with the really nice Net::SSLeay package we can find under http://www.neuronio.pt/SSLeay.pm.html. Ralf uses this package for a longer time and it works fine and is a nice Perl module. Best would be to convince the author to work for the OpenSSL project and create a Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for us. Status: Ralf thinks we should both contact the author of Net::SSLeay and look how much effort it is to bring Eric's perl/ stuff up to date. Paul +1 WISHES o SRP in TLS. [wished by: Dj [EMAIL PROTECTED], Tom Wu [EMAIL PROTECTED], Tom Holroyd [EMAIL PROTECTED]] See http://search.ietf.org/internet-drafts/draft-ietf-tls-srp-00.txt as well as http://www-cs-students.stanford.edu/~tjw/srp/. Tom Holroyd tells us there is a SRP patch for OpenSSH at http://members.tripod.com/professor_tom/archives/, that could be useful. __ OpenSSL Project http
[STATUS] OpenSSL (Sun 27-Jan-2002)
OpenSSL STATUS Last modified at __ $Date: 2001/12/21 03:23:15 $ DEVELOPMENT STATE o OpenSSL 0.9.7: Under development... o OpenSSL 0.9.6c: Released on December 21st, 2001 o OpenSSL 0.9.6b: Released on July 9th, 2001 o OpenSSL 0.9.6a: Released on April 5th, 2001 o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS o BIGNUM library failures on 64-bit platforms (0.9.7-dev): - BN_mod_mul verificiation (bc) fails for solaris64-sparcv9-cc AVAILABLE PATCHES o IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. OCSP EVP cipher enhancement. Enhanced certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UI (User Interface) UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. Kerberos 5 authentication Constification OCSP NEEDS PATCH o All 'openssl' subprograms taking '-des' and '-des3' options should include AES support (0.9.7-dev) o 'openssl speed' should include AES support (0.9.7-dev) o apps/ca.c: Sign the certificate? - n creates empty certificate file o OpenSSL_0_9_6-stable: #include openssl/e_os.h in exported header files is illegal since e_os.h is suitable only for library-internal use. o Whenever strncpy is used, make sure the resulting string is NULL-terminated or an error is reported o OpenSSL STATUS is never up-to-date. OPEN ISSUES o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) o The perl/ stuff needs a major overhaul. Currently it's totally obsolete. Either we clean it up and enhance it to be up-to-date with the C code or we also could replace it with the really nice Net::SSLeay package we can find under http://www.neuronio.pt/SSLeay.pm.html. Ralf uses this package for a longer time and it works fine and is a nice Perl module. Best would be to convince the author to work for the OpenSSL project and create a Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for us. Status: Ralf thinks we should both contact the author of Net::SSLeay and look how much effort it is to bring Eric's perl/ stuff up to date. Paul +1 WISHES o SRP in TLS. [wished by: Dj [EMAIL PROTECTED], Tom Wu [EMAIL PROTECTED], Tom Holroyd [EMAIL PROTECTED]] See http://search.ietf.org/internet-drafts/draft-ietf-tls-srp-00.txt as well as http://www-cs-students.stanford.edu/~tjw/srp/. Tom Holroyd tells us there is a SRP patch for OpenSSH at http://members.tripod.com/professor_tom/archives/, that could be useful. __ OpenSSL Project http
[STATUS] OpenSSL (Sun 13-Jan-2002)
OpenSSL STATUS Last modified at __ $Date: 2001/12/21 03:23:15 $ DEVELOPMENT STATE o OpenSSL 0.9.7: Under development... o OpenSSL 0.9.6c: Released on December 21st, 2001 o OpenSSL 0.9.6b: Released on July 9th, 2001 o OpenSSL 0.9.6a: Released on April 5th, 2001 o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS o BIGNUM library failures on 64-bit platforms (0.9.7-dev): - BN_mod_mul verificiation (bc) fails for solaris64-sparcv9-cc AVAILABLE PATCHES o IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. OCSP EVP cipher enhancement. Enhanced certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UI (User Interface) UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. Kerberos 5 authentication Constification OCSP NEEDS PATCH o All 'openssl' subprograms taking '-des' and '-des3' options should include AES support (0.9.7-dev) o 'openssl speed' should include AES support (0.9.7-dev) o apps/ca.c: Sign the certificate? - n creates empty certificate file o OpenSSL_0_9_6-stable: #include openssl/e_os.h in exported header files is illegal since e_os.h is suitable only for library-internal use. o Whenever strncpy is used, make sure the resulting string is NULL-terminated or an error is reported o OpenSSL STATUS is never up-to-date. OPEN ISSUES o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) o The perl/ stuff needs a major overhaul. Currently it's totally obsolete. Either we clean it up and enhance it to be up-to-date with the C code or we also could replace it with the really nice Net::SSLeay package we can find under http://www.neuronio.pt/SSLeay.pm.html. Ralf uses this package for a longer time and it works fine and is a nice Perl module. Best would be to convince the author to work for the OpenSSL project and create a Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for us. Status: Ralf thinks we should both contact the author of Net::SSLeay and look how much effort it is to bring Eric's perl/ stuff up to date. Paul +1 WISHES o SRP in TLS. [wished by: Dj [EMAIL PROTECTED], Tom Wu [EMAIL PROTECTED], Tom Holroyd [EMAIL PROTECTED]] See http://search.ietf.org/internet-drafts/draft-ietf-tls-srp-00.txt as well as http://www-cs-students.stanford.edu/~tjw/srp/. Tom Holroyd tells us there is a SRP patch for OpenSSH at http://members.tripod.com/professor_tom/archives/, that could be useful. __ OpenSSL Project http
[STATUS] OpenSSL (Sun 6-Jan-2002)
OpenSSL STATUS Last modified at __ $Date: 2001/12/21 03:23:15 $ DEVELOPMENT STATE o OpenSSL 0.9.7: Under development... o OpenSSL 0.9.6c: Released on December 21st, 2001 o OpenSSL 0.9.6b: Released on July 9th, 2001 o OpenSSL 0.9.6a: Released on April 5th, 2001 o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS o BIGNUM library failures on 64-bit platforms (0.9.7-dev): - BN_mod_mul verificiation (bc) fails for solaris64-sparcv9-cc AVAILABLE PATCHES o IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. OCSP EVP cipher enhancement. Enhanced certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UI (User Interface) UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. Kerberos 5 authentication Constification OCSP NEEDS PATCH o All 'openssl' subprograms taking '-des' and '-des3' options should include AES support (0.9.7-dev) o 'openssl speed' should include AES support (0.9.7-dev) o apps/ca.c: Sign the certificate? - n creates empty certificate file o OpenSSL_0_9_6-stable: #include openssl/e_os.h in exported header files is illegal since e_os.h is suitable only for library-internal use. o Whenever strncpy is used, make sure the resulting string is NULL-terminated or an error is reported o OpenSSL STATUS is never up-to-date. OPEN ISSUES o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) o The perl/ stuff needs a major overhaul. Currently it's totally obsolete. Either we clean it up and enhance it to be up-to-date with the C code or we also could replace it with the really nice Net::SSLeay package we can find under http://www.neuronio.pt/SSLeay.pm.html. Ralf uses this package for a longer time and it works fine and is a nice Perl module. Best would be to convince the author to work for the OpenSSL project and create a Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for us. Status: Ralf thinks we should both contact the author of Net::SSLeay and look how much effort it is to bring Eric's perl/ stuff up to date. Paul +1 WISHES o SRP in TLS. [wished by: Dj [EMAIL PROTECTED], Tom Wu [EMAIL PROTECTED], Tom Holroyd [EMAIL PROTECTED]] See http://search.ietf.org/internet-drafts/draft-ietf-tls-srp-00.txt as well as http://www-cs-students.stanford.edu/~tjw/srp/. Tom Holroyd tells us there is a SRP patch for OpenSSH at http://members.tripod.com/professor_tom/archives/, that could be useful. __ OpenSSL Project http
[STATUS] OpenSSL (Sun 30-Dec-2001)
OpenSSL STATUS Last modified at __ $Date: 2001/12/21 03:23:15 $ DEVELOPMENT STATE o OpenSSL 0.9.7: Under development... o OpenSSL 0.9.6c: Released on December 21st, 2001 o OpenSSL 0.9.6b: Released on July 9th, 2001 o OpenSSL 0.9.6a: Released on April 5th, 2001 o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS o BIGNUM library failures on 64-bit platforms (0.9.7-dev): - BN_mod_mul verificiation (bc) fails for solaris64-sparcv9-cc AVAILABLE PATCHES o IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. OCSP EVP cipher enhancement. Enhanced certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UI (User Interface) UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. Kerberos 5 authentication Constification OCSP NEEDS PATCH o All 'openssl' subprograms taking '-des' and '-des3' options should include AES support (0.9.7-dev) o 'openssl speed' should include AES support (0.9.7-dev) o apps/ca.c: Sign the certificate? - n creates empty certificate file o OpenSSL_0_9_6-stable: #include openssl/e_os.h in exported header files is illegal since e_os.h is suitable only for library-internal use. o Whenever strncpy is used, make sure the resulting string is NULL-terminated or an error is reported o OpenSSL STATUS is never up-to-date. OPEN ISSUES o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) o The perl/ stuff needs a major overhaul. Currently it's totally obsolete. Either we clean it up and enhance it to be up-to-date with the C code or we also could replace it with the really nice Net::SSLeay package we can find under http://www.neuronio.pt/SSLeay.pm.html. Ralf uses this package for a longer time and it works fine and is a nice Perl module. Best would be to convince the author to work for the OpenSSL project and create a Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for us. Status: Ralf thinks we should both contact the author of Net::SSLeay and look how much effort it is to bring Eric's perl/ stuff up to date. Paul +1 WISHES o SRP in TLS. [wished by: Dj [EMAIL PROTECTED], Tom Wu [EMAIL PROTECTED], Tom Holroyd [EMAIL PROTECTED]] See http://search.ietf.org/internet-drafts/draft-ietf-tls-srp-00.txt as well as http://www-cs-students.stanford.edu/~tjw/srp/. Tom Holroyd tells us there is a SRP patch for OpenSSH at http://members.tripod.com/professor_tom/archives/, that could be useful. __ OpenSSL Project http
[STATUS] OpenSSL (Sun 23-Dec-2001)
OpenSSL STATUS Last modified at __ $Date: 2001/12/21 03:23:15 $ DEVELOPMENT STATE o OpenSSL 0.9.7: Under development... o OpenSSL 0.9.6c: Released on December 21st, 2001 o OpenSSL 0.9.6b: Released on July 9th, 2001 o OpenSSL 0.9.6a: Released on April 5th, 2001 o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS o BIGNUM library failures on 64-bit platforms (0.9.7-dev): - BN_mod_mul verificiation (bc) fails for solaris64-sparcv9-cc AVAILABLE PATCHES o IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. OCSP EVP cipher enhancement. Enhanced certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UI (User Interface) UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. Kerberos 5 authentication Constification OCSP NEEDS PATCH o All 'openssl' subprograms taking '-des' and '-des3' options should include AES support (0.9.7-dev) o 'openssl speed' should include AES support (0.9.7-dev) o apps/ca.c: Sign the certificate? - n creates empty certificate file o OpenSSL_0_9_6-stable: #include openssl/e_os.h in exported header files is illegal since e_os.h is suitable only for library-internal use. o Whenever strncpy is used, make sure the resulting string is NULL-terminated or an error is reported o OpenSSL STATUS is never up-to-date. OPEN ISSUES o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) o The perl/ stuff needs a major overhaul. Currently it's totally obsolete. Either we clean it up and enhance it to be up-to-date with the C code or we also could replace it with the really nice Net::SSLeay package we can find under http://www.neuronio.pt/SSLeay.pm.html. Ralf uses this package for a longer time and it works fine and is a nice Perl module. Best would be to convince the author to work for the OpenSSL project and create a Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for us. Status: Ralf thinks we should both contact the author of Net::SSLeay and look how much effort it is to bring Eric's perl/ stuff up to date. Paul +1 WISHES o SRP in TLS. [wished by: Dj [EMAIL PROTECTED], Tom Wu [EMAIL PROTECTED], Tom Holroyd [EMAIL PROTECTED]] See http://search.ietf.org/internet-drafts/draft-ietf-tls-srp-00.txt as well as http://www-cs-students.stanford.edu/~tjw/srp/. Tom Holroyd tells us there is a SRP patch for OpenSSH at http://members.tripod.com/professor_tom/archives/, that could be useful. __ OpenSSL Project http
[STATUS] OpenSSL (Sun 9-Dec-2001)
OpenSSL STATUS Last modified at __ $Date: 2001/11/14 21:21:47 $ DEVELOPMENT STATE o OpenSSL 0.9.7: Under development... o OpenSSL 0.9.6b: Released on July 9th, 2001 o OpenSSL 0.9.6a: Released on April 5th, 2001 o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS o BIGNUM library failures on 64-bit platforms (0.9.7-dev): - BN_mod_mul verificiation (bc) fails for solaris64-sparcv9-cc AVAILABLE PATCHES o IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. OCSP EVP cipher enhancement. Enhanced certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UI (User Interface) UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. Kerberos 5 authentication Constification OCSP NEEDS PATCH o All 'openssl' subprograms taking '-des' and '-des3' options should include AES support (0.9.7-dev) o 'openssl speed' should include AES support (0.9.7-dev) o apps/ca.c: Sign the certificate? - n creates empty certificate file o OpenSSL_0_9_6-stable: #include openssl/e_os.h in exported header files is illegal since e_os.h is suitable only for library-internal use. o Whenever strncpy is used, make sure the resulting string is NULL-terminated or an error is reported o OpenSSL STATUS is never up-to-date. OPEN ISSUES o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) o The perl/ stuff needs a major overhaul. Currently it's totally obsolete. Either we clean it up and enhance it to be up-to-date with the C code or we also could replace it with the really nice Net::SSLeay package we can find under http://www.neuronio.pt/SSLeay.pm.html. Ralf uses this package for a longer time and it works fine and is a nice Perl module. Best would be to convince the author to work for the OpenSSL project and create a Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for us. Status: Ralf thinks we should both contact the author of Net::SSLeay and look how much effort it is to bring Eric's perl/ stuff up to date. Paul +1 WISHES o SRP in TLS. [wished by: Dj [EMAIL PROTECTED], Tom Wu [EMAIL PROTECTED], Tom Holroyd [EMAIL PROTECTED]] See http://search.ietf.org/internet-drafts/draft-ietf-tls-srp-00.txt as well as http://www-cs-students.stanford.edu/~tjw/srp/. Tom Holroyd tells us there is a SRP patch for OpenSSH at http://members.tripod.com/professor_tom/archives/, that could be useful. __ OpenSSL Project http://www.openssl.org Development Mailing List
[STATUS] OpenSSL (Sun 2-Dec-2001)
OpenSSL STATUS Last modified at __ $Date: 2001/11/14 21:21:47 $ DEVELOPMENT STATE o OpenSSL 0.9.7: Under development... o OpenSSL 0.9.6b: Released on July 9th, 2001 o OpenSSL 0.9.6a: Released on April 5th, 2001 o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS o BIGNUM library failures on 64-bit platforms (0.9.7-dev): - BN_mod_mul verificiation (bc) fails for solaris64-sparcv9-cc AVAILABLE PATCHES o IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. OCSP EVP cipher enhancement. Enhanced certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UI (User Interface) UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. Kerberos 5 authentication Constification OCSP NEEDS PATCH o All 'openssl' subprograms taking '-des' and '-des3' options should include AES support (0.9.7-dev) o 'openssl speed' should include AES support (0.9.7-dev) o apps/ca.c: Sign the certificate? - n creates empty certificate file o OpenSSL_0_9_6-stable: #include openssl/e_os.h in exported header files is illegal since e_os.h is suitable only for library-internal use. o Whenever strncpy is used, make sure the resulting string is NULL-terminated or an error is reported o OpenSSL STATUS is never up-to-date. OPEN ISSUES o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) o The perl/ stuff needs a major overhaul. Currently it's totally obsolete. Either we clean it up and enhance it to be up-to-date with the C code or we also could replace it with the really nice Net::SSLeay package we can find under http://www.neuronio.pt/SSLeay.pm.html. Ralf uses this package for a longer time and it works fine and is a nice Perl module. Best would be to convince the author to work for the OpenSSL project and create a Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for us. Status: Ralf thinks we should both contact the author of Net::SSLeay and look how much effort it is to bring Eric's perl/ stuff up to date. Paul +1 WISHES o SRP in TLS. [wished by: Dj [EMAIL PROTECTED], Tom Wu [EMAIL PROTECTED], Tom Holroyd [EMAIL PROTECTED]] See http://search.ietf.org/internet-drafts/draft-ietf-tls-srp-00.txt as well as http://www-cs-students.stanford.edu/~tjw/srp/. Tom Holroyd tells us there is a SRP patch for OpenSSH at http://members.tripod.com/professor_tom/archives/, that could be useful. __ OpenSSL Project http://www.openssl.org Development Mailing List
[STATUS] OpenSSL (Sun 25-Nov-2001)
OpenSSL STATUS Last modified at __ $Date: 2001/11/14 21:21:47 $ DEVELOPMENT STATE o OpenSSL 0.9.7: Under development... o OpenSSL 0.9.6b: Released on July 9th, 2001 o OpenSSL 0.9.6a: Released on April 5th, 2001 o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS o BIGNUM library failures on 64-bit platforms (0.9.7-dev): - BN_mod_mul verificiation (bc) fails for solaris64-sparcv9-cc AVAILABLE PATCHES o IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. OCSP EVP cipher enhancement. Enhanced certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UI (User Interface) UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. Kerberos 5 authentication Constification OCSP NEEDS PATCH o All 'openssl' subprograms taking '-des' and '-des3' options should include AES support (0.9.7-dev) o 'openssl speed' should include AES support (0.9.7-dev) o apps/ca.c: Sign the certificate? - n creates empty certificate file o OpenSSL_0_9_6-stable: #include openssl/e_os.h in exported header files is illegal since e_os.h is suitable only for library-internal use. o Whenever strncpy is used, make sure the resulting string is NULL-terminated or an error is reported o OpenSSL STATUS is never up-to-date. OPEN ISSUES o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) o The perl/ stuff needs a major overhaul. Currently it's totally obsolete. Either we clean it up and enhance it to be up-to-date with the C code or we also could replace it with the really nice Net::SSLeay package we can find under http://www.neuronio.pt/SSLeay.pm.html. Ralf uses this package for a longer time and it works fine and is a nice Perl module. Best would be to convince the author to work for the OpenSSL project and create a Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for us. Status: Ralf thinks we should both contact the author of Net::SSLeay and look how much effort it is to bring Eric's perl/ stuff up to date. Paul +1 WISHES o SRP in TLS. [wished by: Dj [EMAIL PROTECTED], Tom Wu [EMAIL PROTECTED], Tom Holroyd [EMAIL PROTECTED]] See http://search.ietf.org/internet-drafts/draft-ietf-tls-srp-00.txt as well as http://www-cs-students.stanford.edu/~tjw/srp/. Tom Holroyd tells us there is a SRP patch for OpenSSH at http://members.tripod.com/professor_tom/archives/, that could be useful. __ OpenSSL Project http://www.openssl.org Development Mailing List
[STATUS] OpenSSL (Sun 18-Nov-2001)
OpenSSL STATUS Last modified at __ $Date: 2001/11/14 21:21:47 $ DEVELOPMENT STATE o OpenSSL 0.9.7: Under development... o OpenSSL 0.9.6b: Released on July 9th, 2001 o OpenSSL 0.9.6a: Released on April 5th, 2001 o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS o BIGNUM library failures on 64-bit platforms (0.9.7-dev): - BN_mod_mul verificiation (bc) fails for solaris64-sparcv9-cc AVAILABLE PATCHES o IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. OCSP EVP cipher enhancement. Enhanced certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UI (User Interface) UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. Kerberos 5 authentication Constification OCSP NEEDS PATCH o All 'openssl' subprograms taking '-des' and '-des3' options should include AES support (0.9.7-dev) o 'openssl speed' should include AES support (0.9.7-dev) o apps/ca.c: Sign the certificate? - n creates empty certificate file o OpenSSL_0_9_6-stable: #include openssl/e_os.h in exported header files is illegal since e_os.h is suitable only for library-internal use. o Whenever strncpy is used, make sure the resulting string is NULL-terminated or an error is reported o OpenSSL STATUS is never up-to-date. OPEN ISSUES o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) o The perl/ stuff needs a major overhaul. Currently it's totally obsolete. Either we clean it up and enhance it to be up-to-date with the C code or we also could replace it with the really nice Net::SSLeay package we can find under http://www.neuronio.pt/SSLeay.pm.html. Ralf uses this package for a longer time and it works fine and is a nice Perl module. Best would be to convince the author to work for the OpenSSL project and create a Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for us. Status: Ralf thinks we should both contact the author of Net::SSLeay and look how much effort it is to bring Eric's perl/ stuff up to date. Paul +1 WISHES o SRP in TLS. [wished by: Dj [EMAIL PROTECTED], Tom Wu [EMAIL PROTECTED], Tom Holroyd [EMAIL PROTECTED]] See http://search.ietf.org/internet-drafts/draft-ietf-tls-srp-00.txt as well as http://www-cs-students.stanford.edu/~tjw/srp/. Tom Holroyd tells us there is a SRP patch for OpenSSH at http://members.tripod.com/professor_tom/archives/, that could be useful. __ OpenSSL Project http://www.openssl.org Development Mailing List
[STATUS] OpenSSL (Sun 4-Nov-2001)
OpenSSL STATUS Last modified at __ $Date: 2001/09/25 11:01:14 $ DEVELOPMENT STATE o OpenSSL 0.9.7: Under development... o OpenSSL 0.9.6b: Released on July 9th, 2001 o OpenSSL 0.9.6a: Released on April 5th, 2001 o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS o BIGNUM library failures on 64-bit platforms (0.9.7-dev): - BN_mod_mul verificiation (bc) fails for solaris64-sparcv9-cc AVAILABLE PATCHES o IA-64 (a.k.a. Intel Itanium) public-key operation performance patch for Linux is available for download at http://www.openssl.org/~appro/096b.linux-ia64.diff. As URL suggests the patch is relative to OpenSSL 0.9.6b. IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. OCSP EVP cipher enhancement. Enhanced certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UI (User Interface) UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. Kerberos 5 authentication Constification OCSP NEEDS PATCH o All 'openssl' subprograms taking '-des' and '-des3' options should include AES support (0.9.7-dev) o 'openssl speed' should include AES support (0.9.7-dev) o apps/ca.c: Sign the certificate? - n creates empty certificate file o OpenSSL_0_9_6-stable: #include openssl/e_os.h in exported header files is illegal since e_os.h is suitable only for library-internal use. o Whenever strncpy is used, make sure the resulting string is NULL-terminated or an error is reported o OpenSSL STATUS is never up-to-date. OPEN ISSUES o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) o The perl/ stuff needs a major overhaul. Currently it's totally obsolete. Either we clean it up and enhance it to be up-to-date with the C code or we also could replace it with the really nice Net::SSLeay package we can find under http://www.neuronio.pt/SSLeay.pm.html. Ralf uses this package for a longer time and it works fine and is a nice Perl module. Best would be to convince the author to work for the OpenSSL project and create a Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for us. Status: Ralf thinks we should both contact the author of Net::SSLeay and look how much effort it is to bring Eric's perl/ stuff up to date. Paul +1 WISHES o SRP in TLS. [wished by: Dj [EMAIL PROTECTED], Tom Wu [EMAIL PROTECTED], Tom Holroyd [EMAIL PROTECTED]] See http://search.ietf.org/internet-drafts/draft-ietf-tls-srp-00.txt as well as http://www-cs-students.stanford.edu/~tjw/srp/. Tom Holroyd tells us there is a SRP patch for OpenSSH at http://members.tripod.com
[STATUS] OpenSSL (Sun 21-Oct-2001)
OpenSSL STATUS Last modified at __ $Date: 2001/09/25 11:01:14 $ DEVELOPMENT STATE o OpenSSL 0.9.7: Under development... o OpenSSL 0.9.6b: Released on July 9th, 2001 o OpenSSL 0.9.6a: Released on April 5th, 2001 o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS o BIGNUM library failures on 64-bit platforms (0.9.7-dev): - BN_mod_mul verificiation (bc) fails for solaris64-sparcv9-cc AVAILABLE PATCHES o IA-64 (a.k.a. Intel Itanium) public-key operation performance patch for Linux is available for download at http://www.openssl.org/~appro/096b.linux-ia64.diff. As URL suggests the patch is relative to OpenSSL 0.9.6b. IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. OCSP EVP cipher enhancement. Enhanced certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UI (User Interface) UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. Kerberos 5 authentication Constification OCSP NEEDS PATCH o All 'openssl' subprograms taking '-des' and '-des3' options should include AES support (0.9.7-dev) o 'openssl speed' should include AES support (0.9.7-dev) o apps/ca.c: Sign the certificate? - n creates empty certificate file o OpenSSL_0_9_6-stable: #include openssl/e_os.h in exported header files is illegal since e_os.h is suitable only for library-internal use. o Whenever strncpy is used, make sure the resulting string is NULL-terminated or an error is reported o OpenSSL STATUS is never up-to-date. OPEN ISSUES o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) o The perl/ stuff needs a major overhaul. Currently it's totally obsolete. Either we clean it up and enhance it to be up-to-date with the C code or we also could replace it with the really nice Net::SSLeay package we can find under http://www.neuronio.pt/SSLeay.pm.html. Ralf uses this package for a longer time and it works fine and is a nice Perl module. Best would be to convince the author to work for the OpenSSL project and create a Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for us. Status: Ralf thinks we should both contact the author of Net::SSLeay and look how much effort it is to bring Eric's perl/ stuff up to date. Paul +1 WISHES o SRP in TLS. [wished by: Dj [EMAIL PROTECTED], Tom Wu [EMAIL PROTECTED], Tom Holroyd [EMAIL PROTECTED]] See http://search.ietf.org/internet-drafts/draft-ietf-tls-srp-00.txt as well as http://www-cs-students.stanford.edu/~tjw/srp/. Tom Holroyd tells us there is a SRP patch for OpenSSH at http://members.tripod.com
[STATUS] OpenSSL (Sun 14-Oct-2001)
OpenSSL STATUS Last modified at __ $Date: 2001/09/25 11:01:14 $ DEVELOPMENT STATE o OpenSSL 0.9.7: Under development... o OpenSSL 0.9.6b: Released on July 9th, 2001 o OpenSSL 0.9.6a: Released on April 5th, 2001 o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS o BIGNUM library failures on 64-bit platforms (0.9.7-dev): - BN_mod_mul verificiation (bc) fails for solaris64-sparcv9-cc AVAILABLE PATCHES o IA-64 (a.k.a. Intel Itanium) public-key operation performance patch for Linux is available for download at http://www.openssl.org/~appro/096b.linux-ia64.diff. As URL suggests the patch is relative to OpenSSL 0.9.6b. IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. OCSP EVP cipher enhancement. Enhanced certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UI (User Interface) UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. Kerberos 5 authentication Constification OCSP NEEDS PATCH o All 'openssl' subprograms taking '-des' and '-des3' options should include AES support (0.9.7-dev) o 'openssl speed' should include AES support (0.9.7-dev) o apps/ca.c: Sign the certificate? - n creates empty certificate file o OpenSSL_0_9_6-stable: #include openssl/e_os.h in exported header files is illegal since e_os.h is suitable only for library-internal use. o Whenever strncpy is used, make sure the resulting string is NULL-terminated or an error is reported o OpenSSL STATUS is never up-to-date. OPEN ISSUES o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) o The perl/ stuff needs a major overhaul. Currently it's totally obsolete. Either we clean it up and enhance it to be up-to-date with the C code or we also could replace it with the really nice Net::SSLeay package we can find under http://www.neuronio.pt/SSLeay.pm.html. Ralf uses this package for a longer time and it works fine and is a nice Perl module. Best would be to convince the author to work for the OpenSSL project and create a Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for us. Status: Ralf thinks we should both contact the author of Net::SSLeay and look how much effort it is to bring Eric's perl/ stuff up to date. Paul +1 WISHES o SRP in TLS. [wished by: Dj [EMAIL PROTECTED], Tom Wu [EMAIL PROTECTED], Tom Holroyd [EMAIL PROTECTED]] See http://search.ietf.org/internet-drafts/draft-ietf-tls-srp-00.txt as well as http://www-cs-students.stanford.edu/~tjw/srp/. Tom Holroyd tells us there is a SRP patch for OpenSSH at http://members.tripod.com
[STATUS] OpenSSL (Sun 7-Oct-2001)
OpenSSL STATUS Last modified at __ $Date: 2001/09/25 11:01:14 $ DEVELOPMENT STATE o OpenSSL 0.9.7: Under development... o OpenSSL 0.9.6b: Released on July 9th, 2001 o OpenSSL 0.9.6a: Released on April 5th, 2001 o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS o BIGNUM library failures on 64-bit platforms (0.9.7-dev): - BN_mod_mul verificiation (bc) fails for solaris64-sparcv9-cc AVAILABLE PATCHES o IA-64 (a.k.a. Intel Itanium) public-key operation performance patch for Linux is available for download at http://www.openssl.org/~appro/096b.linux-ia64.diff. As URL suggests the patch is relative to OpenSSL 0.9.6b. IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. OCSP EVP cipher enhancement. Enhanced certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UI (User Interface) UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. Kerberos 5 authentication Constification OCSP NEEDS PATCH o All 'openssl' subprograms taking '-des' and '-des3' options should include AES support (0.9.7-dev) o 'openssl speed' should include AES support (0.9.7-dev) o apps/ca.c: Sign the certificate? - n creates empty certificate file o OpenSSL_0_9_6-stable: #include openssl/e_os.h in exported header files is illegal since e_os.h is suitable only for library-internal use. o Whenever strncpy is used, make sure the resulting string is NULL-terminated or an error is reported o OpenSSL STATUS is never up-to-date. OPEN ISSUES o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) o The perl/ stuff needs a major overhaul. Currently it's totally obsolete. Either we clean it up and enhance it to be up-to-date with the C code or we also could replace it with the really nice Net::SSLeay package we can find under http://www.neuronio.pt/SSLeay.pm.html. Ralf uses this package for a longer time and it works fine and is a nice Perl module. Best would be to convince the author to work for the OpenSSL project and create a Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for us. Status: Ralf thinks we should both contact the author of Net::SSLeay and look how much effort it is to bring Eric's perl/ stuff up to date. Paul +1 WISHES o SRP in TLS. [wished by: Dj [EMAIL PROTECTED], Tom Wu [EMAIL PROTECTED], Tom Holroyd [EMAIL PROTECTED]] See http://search.ietf.org/internet-drafts/draft-ietf-tls-srp-00.txt as well as http://www-cs-students.stanford.edu/~tjw/srp/. Tom Holroyd tells us there is a SRP patch for OpenSSH at http://members.tripod.com
[STATUS] OpenSSL (Sun 30-Sep-2001)
OpenSSL STATUS Last modified at __ $Date: 2001/09/25 11:01:14 $ DEVELOPMENT STATE o OpenSSL 0.9.7: Under development... o OpenSSL 0.9.6b: Released on July 9th, 2001 o OpenSSL 0.9.6a: Released on April 5th, 2001 o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS o BIGNUM library failures on 64-bit platforms (0.9.7-dev): - BN_mod_mul verificiation (bc) fails for solaris64-sparcv9-cc AVAILABLE PATCHES o IA-64 (a.k.a. Intel Itanium) public-key operation performance patch for Linux is available for download at http://www.openssl.org/~appro/096b.linux-ia64.diff. As URL suggests the patch is relative to OpenSSL 0.9.6b. IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. OCSP EVP cipher enhancement. Enhanced certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UI (User Interface) UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. Kerberos 5 authentication Constification OCSP NEEDS PATCH o All 'openssl' subprograms taking '-des' and '-des3' options should include AES support (0.9.7-dev) o 'openssl speed' should include AES support (0.9.7-dev) o apps/ca.c: Sign the certificate? - n creates empty certificate file o OpenSSL_0_9_6-stable: #include openssl/e_os.h in exported header files is illegal since e_os.h is suitable only for library-internal use. o Whenever strncpy is used, make sure the resulting string is NULL-terminated or an error is reported o OpenSSL STATUS is never up-to-date. OPEN ISSUES o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) o The perl/ stuff needs a major overhaul. Currently it's totally obsolete. Either we clean it up and enhance it to be up-to-date with the C code or we also could replace it with the really nice Net::SSLeay package we can find under http://www.neuronio.pt/SSLeay.pm.html. Ralf uses this package for a longer time and it works fine and is a nice Perl module. Best would be to convince the author to work for the OpenSSL project and create a Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for us. Status: Ralf thinks we should both contact the author of Net::SSLeay and look how much effort it is to bring Eric's perl/ stuff up to date. Paul +1 WISHES o SRP in TLS. [wished by: Dj [EMAIL PROTECTED], Tom Wu [EMAIL PROTECTED], Tom Holroyd [EMAIL PROTECTED]] See http://search.ietf.org/internet-drafts/draft-ietf-tls-srp-00.txt as well as http://www-cs-students.stanford.edu/~tjw/srp/. Tom Holroyd tells us there is a SRP patch for OpenSSH at http://members.tripod.com
[STATUS] OpenSSL (Sun 23-Sep-2001)
OpenSSL STATUS Last modified at __ $Date: 2001/09/14 08:45:43 $ DEVELOPMENT STATE o OpenSSL 0.9.7: Under development... o OpenSSL 0.9.6b: Released on July 9th, 2001 o OpenSSL 0.9.6a: Released on April 5th, 2001 o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS o BIGNUM library failures on 64-bit platforms (0.9.7-dev): - BN_mod_mul verificiation (bc) fails for solaris64-sparcv9-cc AVAILABLE PATCHES o IA-64 (a.k.a. Intel Itanium) public-key operation performance patch for Linux is available for download at http://www.openssl.org/~appro/096b.linux-ia64.diff. As URL suggests the patch is relative to OpenSSL 0.9.6b. IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. OCSP EVP cipher enhancement. Enhanced certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UI (User Interface) UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. Kerberos 5 authentication Constification OCSP NEEDS PATCH o apps/ca.c: Sign the certificate? - n creates empty certificate file o OpenSSL_0_9_6-stable: #include openssl/e_os.h in exported header files is illegal since e_os.h is suitable only for library-internal use. o Whenever strncpy is used, make sure the resulting string is NULL-terminated or an error is reported o OpenSSL STATUS is never up-to-date. OPEN ISSUES o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) o The perl/ stuff needs a major overhaul. Currently it's totally obsolete. Either we clean it up and enhance it to be up-to-date with the C code or we also could replace it with the really nice Net::SSLeay package we can find under http://www.neuronio.pt/SSLeay.pm.html. Ralf uses this package for a longer time and it works fine and is a nice Perl module. Best would be to convince the author to work for the OpenSSL project and create a Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for us. Status: Ralf thinks we should both contact the author of Net::SSLeay and look how much effort it is to bring Eric's perl/ stuff up to date. Paul +1 WISHES o SRP in TLS. [wished by: Dj [EMAIL PROTECTED], Tom Wu [EMAIL PROTECTED], Tom Holroyd [EMAIL PROTECTED]] See http://search.ietf.org/internet-drafts/draft-ietf-tls-srp-00.txt as well as http://www-cs-students.stanford.edu/~tjw/srp/. Tom Holroyd tells us there is a SRP patch for OpenSSH at http://members.tripod.com/professor_tom/archives/, that could be useful. __ OpenSSL Project http
[STATUS] OpenSSL (Sun 16-Sep-2001)
OpenSSL STATUS Last modified at __ $Date: 2001/09/14 08:45:43 $ DEVELOPMENT STATE o OpenSSL 0.9.7: Under development... o OpenSSL 0.9.6b: Released on July 9th, 2001 o OpenSSL 0.9.6a: Released on April 5th, 2001 o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS o BIGNUM library failures on 64-bit platforms (0.9.7-dev): - BN_mod_mul verificiation (bc) fails for solaris64-sparcv9-cc AVAILABLE PATCHES o IA-64 (a.k.a. Intel Itanium) public-key operation performance patch for Linux is available for download at http://www.openssl.org/~appro/096b.linux-ia64.diff. As URL suggests the patch is relative to OpenSSL 0.9.6b. IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. OCSP EVP cipher enhancement. Enhanced certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UI (User Interface) UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. Kerberos 5 authentication Constification OCSP NEEDS PATCH o apps/ca.c: Sign the certificate? - n creates empty certificate file o OpenSSL_0_9_6-stable: #include openssl/e_os.h in exported header files is illegal since e_os.h is suitable only for library-internal use. o Whenever strncpy is used, make sure the resulting string is NULL-terminated or an error is reported o OpenSSL STATUS is never up-to-date. OPEN ISSUES o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) o The perl/ stuff needs a major overhaul. Currently it's totally obsolete. Either we clean it up and enhance it to be up-to-date with the C code or we also could replace it with the really nice Net::SSLeay package we can find under http://www.neuronio.pt/SSLeay.pm.html. Ralf uses this package for a longer time and it works fine and is a nice Perl module. Best would be to convince the author to work for the OpenSSL project and create a Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for us. Status: Ralf thinks we should both contact the author of Net::SSLeay and look how much effort it is to bring Eric's perl/ stuff up to date. Paul +1 WISHES o SRP in TLS. [wished by: Dj [EMAIL PROTECTED], Tom Wu [EMAIL PROTECTED], Tom Holroyd [EMAIL PROTECTED]] See http://search.ietf.org/internet-drafts/draft-ietf-tls-srp-00.txt as well as http://www-cs-students.stanford.edu/~tjw/srp/. Tom Holroyd tells us there is a SRP patch for OpenSSH at http://members.tripod.com/professor_tom/archives/, that could be useful. __ OpenSSL Project http
[STATUS] OpenSSL (Sun 9-Sep-2001)
OpenSSL STATUS Last modified at __ $Date: 2001/07/17 14:39:26 $ DEVELOPMENT STATE o OpenSSL 0.9.7: Under development... o OpenSSL 0.9.6b: Released on July 9th, 2001 o OpenSSL 0.9.6a: Released on April 5th, 2001 o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS AVAILABLE PATCHES o IA-64 (a.k.a. Intel Itanium) public-key operation performance patch for Linux is available for download at http://www.openssl.org/~appro/096b.linux-ia64.diff. As URL suggests the patch is relative to OpenSSL 0.9.6b. IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. OCSP EVP cipher enhancement. Enhanced certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UI (User Interface) UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. Kerberos 5 authentication Constification OCSP NEEDS PATCH o apps/ca.c: Sign the certificate? - n creates empty certificate file o OpenSSL_0_9_6-stable: #include openssl/e_os.h in exported header files is illegal since e_os.h is suitable only for library-internal use. o Whenever strncpy is used, make sure the resulting string is NULL-terminated or an error is reported OPEN ISSUES o crypto/ex_data.c is not really thread-safe and so must be used with care (e.g., extra locking where necessary, or don't call CRYPTO_get_ex_new_index once multiple threads exist). The current API is not suitable for everything that it pretends to offer. o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) o The perl/ stuff needs a major overhaul. Currently it's totally obsolete. Either we clean it up and enhance it to be up-to-date with the C code or we also could replace it with the really nice Net::SSLeay package we can find under http://www.neuronio.pt/SSLeay.pm.html. Ralf uses this package for a longer time and it works fine and is a nice Perl module. Best would be to convince the author to work for the OpenSSL project and create a Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for us. Status: Ralf thinks we should both contact the author of Net::SSLeay and look how much effort it is to bring Eric's perl/ stuff up to date. Paul +1 WISHES o SRP in TLS. [wished by: Dj [EMAIL PROTECTED], Tom Wu [EMAIL PROTECTED], Tom Holroyd [EMAIL PROTECTED]] See http://search.ietf.org/internet-drafts/draft-ietf-tls-srp-00.txt as well as http://www-cs-students.stanford.edu/~tjw/srp/. Tom Holroyd tells us there is a SRP patch for OpenSSH at http://members.tripod.com/professor_tom/archives/, that could be useful
[STATUS] OpenSSL (Sun 2-Sep-2001)
OpenSSL STATUS Last modified at __ $Date: 2001/07/17 14:39:26 $ DEVELOPMENT STATE o OpenSSL 0.9.7: Under development... o OpenSSL 0.9.6b: Released on July 9th, 2001 o OpenSSL 0.9.6a: Released on April 5th, 2001 o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS AVAILABLE PATCHES o IA-64 (a.k.a. Intel Itanium) public-key operation performance patch for Linux is available for download at http://www.openssl.org/~appro/096b.linux-ia64.diff. As URL suggests the patch is relative to OpenSSL 0.9.6b. IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. OCSP EVP cipher enhancement. Enhanced certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UI (User Interface) UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. Kerberos 5 authentication Constification OCSP NEEDS PATCH o apps/ca.c: Sign the certificate? - n creates empty certificate file o OpenSSL_0_9_6-stable: #include openssl/e_os.h in exported header files is illegal since e_os.h is suitable only for library-internal use. o Whenever strncpy is used, make sure the resulting string is NULL-terminated or an error is reported OPEN ISSUES o crypto/ex_data.c is not really thread-safe and so must be used with care (e.g., extra locking where necessary, or don't call CRYPTO_get_ex_new_index once multiple threads exist). The current API is not suitable for everything that it pretends to offer. o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) o The perl/ stuff needs a major overhaul. Currently it's totally obsolete. Either we clean it up and enhance it to be up-to-date with the C code or we also could replace it with the really nice Net::SSLeay package we can find under http://www.neuronio.pt/SSLeay.pm.html. Ralf uses this package for a longer time and it works fine and is a nice Perl module. Best would be to convince the author to work for the OpenSSL project and create a Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for us. Status: Ralf thinks we should both contact the author of Net::SSLeay and look how much effort it is to bring Eric's perl/ stuff up to date. Paul +1 WISHES o SRP in TLS. [wished by: Dj [EMAIL PROTECTED], Tom Wu [EMAIL PROTECTED], Tom Holroyd [EMAIL PROTECTED]] See http://search.ietf.org/internet-drafts/draft-ietf-tls-srp-00.txt as well as http://www-cs-students.stanford.edu/~tjw/srp/. Tom Holroyd tells us there is a SRP patch for OpenSSH at http://members.tripod.com/professor_tom/archives/, that could be useful
[STATUS] OpenSSL (Sun 26-Aug-2001)
OpenSSL STATUS Last modified at __ $Date: 2001/07/17 14:39:26 $ DEVELOPMENT STATE o OpenSSL 0.9.7: Under development... o OpenSSL 0.9.6b: Released on July 9th, 2001 o OpenSSL 0.9.6a: Released on April 5th, 2001 o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS AVAILABLE PATCHES o IA-64 (a.k.a. Intel Itanium) public-key operation performance patch for Linux is available for download at http://www.openssl.org/~appro/096b.linux-ia64.diff. As URL suggests the patch is relative to OpenSSL 0.9.6b. IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. OCSP EVP cipher enhancement. Enhanced certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UI (User Interface) UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. Kerberos 5 authentication Constification OCSP NEEDS PATCH o apps/ca.c: Sign the certificate? - n creates empty certificate file o OpenSSL_0_9_6-stable: #include openssl/e_os.h in exported header files is illegal since e_os.h is suitable only for library-internal use. o Whenever strncpy is used, make sure the resulting string is NULL-terminated or an error is reported OPEN ISSUES o crypto/ex_data.c is not really thread-safe and so must be used with care (e.g., extra locking where necessary, or don't call CRYPTO_get_ex_new_index once multiple threads exist). The current API is not suitable for everything that it pretends to offer. o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) o The perl/ stuff needs a major overhaul. Currently it's totally obsolete. Either we clean it up and enhance it to be up-to-date with the C code or we also could replace it with the really nice Net::SSLeay package we can find under http://www.neuronio.pt/SSLeay.pm.html. Ralf uses this package for a longer time and it works fine and is a nice Perl module. Best would be to convince the author to work for the OpenSSL project and create a Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for us. Status: Ralf thinks we should both contact the author of Net::SSLeay and look how much effort it is to bring Eric's perl/ stuff up to date. Paul +1 WISHES o SRP in TLS. [wished by: Dj [EMAIL PROTECTED], Tom Wu [EMAIL PROTECTED], Tom Holroyd [EMAIL PROTECTED]] See http://search.ietf.org/internet-drafts/draft-ietf-tls-srp-00.txt as well as http://www-cs-students.stanford.edu/~tjw/srp/. Tom Holroyd tells us there is a SRP patch for OpenSSH at http://members.tripod.com/professor_tom/archives/, that could be useful
[STATUS] OpenSSL (Sun 19-Aug-2001)
OpenSSL STATUS Last modified at __ $Date: 2001/07/17 14:39:26 $ DEVELOPMENT STATE o OpenSSL 0.9.7: Under development... o OpenSSL 0.9.6b: Released on July 9th, 2001 o OpenSSL 0.9.6a: Released on April 5th, 2001 o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS AVAILABLE PATCHES o IA-64 (a.k.a. Intel Itanium) public-key operation performance patch for Linux is available for download at http://www.openssl.org/~appro/096b.linux-ia64.diff. As URL suggests the patch is relative to OpenSSL 0.9.6b. IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. OCSP EVP cipher enhancement. Enhanced certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UI (User Interface) UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. Kerberos 5 authentication Constification OCSP NEEDS PATCH o apps/ca.c: Sign the certificate? - n creates empty certificate file o OpenSSL_0_9_6-stable: #include openssl/e_os.h in exported header files is illegal since e_os.h is suitable only for library-internal use. o Whenever strncpy is used, make sure the resulting string is NULL-terminated or an error is reported OPEN ISSUES o crypto/ex_data.c is not really thread-safe and so must be used with care (e.g., extra locking where necessary, or don't call CRYPTO_get_ex_new_index once multiple threads exist). The current API is not suitable for everything that it pretends to offer. o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) o The perl/ stuff needs a major overhaul. Currently it's totally obsolete. Either we clean it up and enhance it to be up-to-date with the C code or we also could replace it with the really nice Net::SSLeay package we can find under http://www.neuronio.pt/SSLeay.pm.html. Ralf uses this package for a longer time and it works fine and is a nice Perl module. Best would be to convince the author to work for the OpenSSL project and create a Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for us. Status: Ralf thinks we should both contact the author of Net::SSLeay and look how much effort it is to bring Eric's perl/ stuff up to date. Paul +1 WISHES o SRP in TLS. [wished by: Dj [EMAIL PROTECTED], Tom Wu [EMAIL PROTECTED], Tom Holroyd [EMAIL PROTECTED]] See http://search.ietf.org/internet-drafts/draft-ietf-tls-srp-00.txt as well as http://www-cs-students.stanford.edu/~tjw/srp/. Tom Holroyd tells us there is a SRP patch for OpenSSH at http://members.tripod.com/professor_tom/archives/, that could be useful
[STATUS] OpenSSL (Sun 5-Aug-2001)
OpenSSL STATUS Last modified at __ $Date: 2001/07/17 14:39:26 $ DEVELOPMENT STATE o OpenSSL 0.9.7: Under development... o OpenSSL 0.9.6b: Released on July 9th, 2001 o OpenSSL 0.9.6a: Released on April 5th, 2001 o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS AVAILABLE PATCHES o IA-64 (a.k.a. Intel Itanium) public-key operation performance patch for Linux is available for download at http://www.openssl.org/~appro/096b.linux-ia64.diff. As URL suggests the patch is relative to OpenSSL 0.9.6b. IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. OCSP EVP cipher enhancement. Enhanced certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UI (User Interface) UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. Kerberos 5 authentication Constification OCSP NEEDS PATCH o apps/ca.c: Sign the certificate? - n creates empty certificate file o OpenSSL_0_9_6-stable: #include openssl/e_os.h in exported header files is illegal since e_os.h is suitable only for library-internal use. o Whenever strncpy is used, make sure the resulting string is NULL-terminated or an error is reported OPEN ISSUES o crypto/ex_data.c is not really thread-safe and so must be used with care (e.g., extra locking where necessary, or don't call CRYPTO_get_ex_new_index once multiple threads exist). The current API is not suitable for everything that it pretends to offer. o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) o The perl/ stuff needs a major overhaul. Currently it's totally obsolete. Either we clean it up and enhance it to be up-to-date with the C code or we also could replace it with the really nice Net::SSLeay package we can find under http://www.neuronio.pt/SSLeay.pm.html. Ralf uses this package for a longer time and it works fine and is a nice Perl module. Best would be to convince the author to work for the OpenSSL project and create a Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for us. Status: Ralf thinks we should both contact the author of Net::SSLeay and look how much effort it is to bring Eric's perl/ stuff up to date. Paul +1 WISHES o SRP in TLS. [wished by: Dj [EMAIL PROTECTED], Tom Wu [EMAIL PROTECTED], Tom Holroyd [EMAIL PROTECTED]] See http://search.ietf.org/internet-drafts/draft-ietf-tls-srp-00.txt as well as http://www-cs-students.stanford.edu/~tjw/srp/. Tom Holroyd tells us there is a SRP patch for OpenSSH at http://members.tripod.com/professor_tom/archives/, that could be useful
[STATUS] OpenSSL (Sun 29-Jul-2001)
OpenSSL STATUS Last modified at __ $Date: 2001/07/17 14:39:26 $ DEVELOPMENT STATE o OpenSSL 0.9.7: Under development... o OpenSSL 0.9.6b: Released on July 9th, 2001 o OpenSSL 0.9.6a: Released on April 5th, 2001 o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS AVAILABLE PATCHES o IA-64 (a.k.a. Intel Itanium) public-key operation performance patch for Linux is available for download at http://www.openssl.org/~appro/096b.linux-ia64.diff. As URL suggests the patch is relative to OpenSSL 0.9.6b. IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. OCSP EVP cipher enhancement. Enhanced certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UI (User Interface) UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. Kerberos 5 authentication Constification OCSP NEEDS PATCH o apps/ca.c: Sign the certificate? - n creates empty certificate file o OpenSSL_0_9_6-stable: #include openssl/e_os.h in exported header files is illegal since e_os.h is suitable only for library-internal use. o Whenever strncpy is used, make sure the resulting string is NULL-terminated or an error is reported OPEN ISSUES o crypto/ex_data.c is not really thread-safe and so must be used with care (e.g., extra locking where necessary, or don't call CRYPTO_get_ex_new_index once multiple threads exist). The current API is not suitable for everything that it pretends to offer. o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) o The perl/ stuff needs a major overhaul. Currently it's totally obsolete. Either we clean it up and enhance it to be up-to-date with the C code or we also could replace it with the really nice Net::SSLeay package we can find under http://www.neuronio.pt/SSLeay.pm.html. Ralf uses this package for a longer time and it works fine and is a nice Perl module. Best would be to convince the author to work for the OpenSSL project and create a Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for us. Status: Ralf thinks we should both contact the author of Net::SSLeay and look how much effort it is to bring Eric's perl/ stuff up to date. Paul +1 WISHES o SRP in TLS. [wished by: Dj [EMAIL PROTECTED], Tom Wu [EMAIL PROTECTED], Tom Holroyd [EMAIL PROTECTED]] See http://search.ietf.org/internet-drafts/draft-ietf-tls-srp-00.txt as well as http://www-cs-students.stanford.edu/~tjw/srp/. Tom Holroyd tells us there is a SRP patch for OpenSSH at http://members.tripod.com/professor_tom/archives/, that could be useful
[STATUS] OpenSSL (Sun 22-Jul-2001)
OpenSSL STATUS Last modified at __ $Date: 2001/07/17 14:39:26 $ DEVELOPMENT STATE o OpenSSL 0.9.7: Under development... o OpenSSL 0.9.6b: Released on July 9th, 2001 o OpenSSL 0.9.6a: Released on April 5th, 2001 o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS AVAILABLE PATCHES o IA-64 (a.k.a. Intel Itanium) public-key operation performance patch for Linux is available for download at http://www.openssl.org/~appro/096b.linux-ia64.diff. As URL suggests the patch is relative to OpenSSL 0.9.6b. IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. OCSP EVP cipher enhancement. Enhanced certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UI (User Interface) UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. Kerberos 5 authentication Constification OCSP NEEDS PATCH o apps/ca.c: Sign the certificate? - n creates empty certificate file o OpenSSL_0_9_6-stable: #include openssl/e_os.h in exported header files is illegal since e_os.h is suitable only for library-internal use. o Whenever strncpy is used, make sure the resulting string is NULL-terminated or an error is reported OPEN ISSUES o crypto/ex_data.c is not really thread-safe and so must be used with care (e.g., extra locking where necessary, or don't call CRYPTO_get_ex_new_index once multiple threads exist). The current API is not suitable for everything that it pretends to offer. o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) o The perl/ stuff needs a major overhaul. Currently it's totally obsolete. Either we clean it up and enhance it to be up-to-date with the C code or we also could replace it with the really nice Net::SSLeay package we can find under http://www.neuronio.pt/SSLeay.pm.html. Ralf uses this package for a longer time and it works fine and is a nice Perl module. Best would be to convince the author to work for the OpenSSL project and create a Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for us. Status: Ralf thinks we should both contact the author of Net::SSLeay and look how much effort it is to bring Eric's perl/ stuff up to date. Paul +1 WISHES o SRP in TLS. [wished by: Dj [EMAIL PROTECTED], Tom Wu [EMAIL PROTECTED], Tom Holroyd [EMAIL PROTECTED]] See http://search.ietf.org/internet-drafts/draft-ietf-tls-srp-00.txt as well as http://www-cs-students.stanford.edu/~tjw/srp/. Tom Holroyd tells us there is a SRP patch for OpenSSH at http://members.tripod.com/professor_tom/archives/, that could be useful
[STATUS] OpenSSL (Sun 15-Jul-2001)
OpenSSL STATUS Last modified at __ $Date: 2001/07/04 20:56:08 $ DEVELOPMENT STATE o OpenSSL 0.9.7: Under development... o OpenSSL 0.9.6a: Released on April 5th, 2001 o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS AVAILABLE PATCHES IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. OCSP EVP cipher enhancement. Enhanced certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UI (User Interface) UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. Kerberos 5 authentication Constification OCSP NEEDS PATCH o apps/ca.c: Sign the certificate? - n creates empty certificate file o OpenSSL_0_9_6-stable: #include openssl/e_os.h in exported header files is illegal since e_os.h is suitable only for library-internal use. o Whenever strncpy is used, make sure the resulting string is NULL-terminated or an error is reported OPEN ISSUES o crypto/ex_data.c is not really thread-safe and so must be used with care (e.g., extra locking where necessary, or don't call CRYPTO_get_ex_new_index once multiple threads exist). The current API is not suitable for everything that it pretends to offer. o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) o The perl/ stuff needs a major overhaul. Currently it's totally obsolete. Either we clean it up and enhance it to be up-to-date with the C code or we also could replace it with the really nice Net::SSLeay package we can find under http://www.neuronio.pt/SSLeay.pm.html. Ralf uses this package for a longer time and it works fine and is a nice Perl module. Best would be to convince the author to work for the OpenSSL project and create a Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for us. Status: Ralf thinks we should both contact the author of Net::SSLeay and look how much effort it is to bring Eric's perl/ stuff up to date. Paul +1 WISHES o SRP in TLS. [wished by: Dj [EMAIL PROTECTED], Tom Wu [EMAIL PROTECTED], Tom Holroyd [EMAIL PROTECTED]] See http://search.ietf.org/internet-drafts/draft-ietf-tls-srp-00.txt as well as http://www-cs-students.stanford.edu/~tjw/srp/. Tom Holroyd tells us there is a SRP patch for OpenSSH at http://members.tripod.com/professor_tom/archives/, that could be useful. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[STATUS] OpenSSL (Sun 8-Jul-2001)
OpenSSL STATUS Last modified at __ $Date: 2001/07/04 20:56:08 $ DEVELOPMENT STATE o OpenSSL 0.9.7: Under development... o OpenSSL 0.9.6a: Released on April 5th, 2001 o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS AVAILABLE PATCHES IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. OCSP EVP cipher enhancement. Enhanced certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UI (User Interface) UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. Kerberos 5 authentication Constification OCSP NEEDS PATCH o apps/ca.c: Sign the certificate? - n creates empty certificate file o OpenSSL_0_9_6-stable: #include openssl/e_os.h in exported header files is illegal since e_os.h is suitable only for library-internal use. o Whenever strncpy is used, make sure the resulting string is NULL-terminated or an error is reported OPEN ISSUES o crypto/ex_data.c is not really thread-safe and so must be used with care (e.g., extra locking where necessary, or don't call CRYPTO_get_ex_new_index once multiple threads exist). The current API is not suitable for everything that it pretends to offer. o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) o The perl/ stuff needs a major overhaul. Currently it's totally obsolete. Either we clean it up and enhance it to be up-to-date with the C code or we also could replace it with the really nice Net::SSLeay package we can find under http://www.neuronio.pt/SSLeay.pm.html. Ralf uses this package for a longer time and it works fine and is a nice Perl module. Best would be to convince the author to work for the OpenSSL project and create a Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for us. Status: Ralf thinks we should both contact the author of Net::SSLeay and look how much effort it is to bring Eric's perl/ stuff up to date. Paul +1 WISHES o SRP in TLS. [wished by: Dj [EMAIL PROTECTED], Tom Wu [EMAIL PROTECTED], Tom Holroyd [EMAIL PROTECTED]] See http://search.ietf.org/internet-drafts/draft-ietf-tls-srp-00.txt as well as http://www-cs-students.stanford.edu/~tjw/srp/. Tom Holroyd tells us there is a SRP patch for OpenSSH at http://members.tripod.com/professor_tom/archives/, that could be useful. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[STATUS] OpenSSL (Sun 6-May-2001)
OpenSSL STATUS Last modified at __ $Date: 2001/04/09 07:15:16 $ DEVELOPMENT STATE o OpenSSL 0.9.7: Under development... o OpenSSL 0.9.6a: Released on April 5th, 2001 o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS AVAILABLE PATCHES IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. OCSP EVP cipher enhancement. Enhanced certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. OCSP Kerberos 5 authentication Constification NEEDS PATCH o apps/ca.c: Sign the certificate? - n creates empty certificate file o OpenSSL_0_9_6-stable: #include openssl/e_os.h in exported header files is illegal since e_os.h is suitable only for library-internal use. o Whenever strncpy is used, make sure the resulting string is NULL-terminated or an error is reported OPEN ISSUES o crypto/ex_data.c is not really thread-safe and so must be used with care (e.g., extra locking where necessary, or don't call CRYPTO_get_ex_new_index once multiple threads exist). The current API is not suitable for everything that it pretends to offer. o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) o The perl/ stuff needs a major overhaul. Currently it's totally obsolete. Either we clean it up and enhance it to be up-to-date with the C code or we also could replace it with the really nice Net::SSLeay package we can find under http://www.neuronio.pt/SSLeay.pm.html. Ralf uses this package for a longer time and it works fine and is a nice Perl module. Best would be to convince the author to work for the OpenSSL project and create a Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for us. Status: Ralf thinks we should both contact the author of Net::SSLeay and look how much effort it is to bring Eric's perl/ stuff up to date. Paul +1 WISHES o __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[STATUS] OpenSSL (Sun 29-Apr-2001)
OpenSSL STATUS Last modified at __ $Date: 2001/04/09 07:15:16 $ DEVELOPMENT STATE o OpenSSL 0.9.7: Under development... o OpenSSL 0.9.6a: Released on April 5th, 2001 o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS AVAILABLE PATCHES IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. OCSP EVP cipher enhancement. Enhanced certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. OCSP Kerberos 5 authentication Constification NEEDS PATCH o apps/ca.c: Sign the certificate? - n creates empty certificate file o OpenSSL_0_9_6-stable: #include openssl/e_os.h in exported header files is illegal since e_os.h is suitable only for library-internal use. o Whenever strncpy is used, make sure the resulting string is NULL-terminated or an error is reported OPEN ISSUES o crypto/ex_data.c is not really thread-safe and so must be used with care (e.g., extra locking where necessary, or don't call CRYPTO_get_ex_new_index once multiple threads exist). The current API is not suitable for everything that it pretends to offer. o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) o The perl/ stuff needs a major overhaul. Currently it's totally obsolete. Either we clean it up and enhance it to be up-to-date with the C code or we also could replace it with the really nice Net::SSLeay package we can find under http://www.neuronio.pt/SSLeay.pm.html. Ralf uses this package for a longer time and it works fine and is a nice Perl module. Best would be to convince the author to work for the OpenSSL project and create a Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for us. Status: Ralf thinks we should both contact the author of Net::SSLeay and look how much effort it is to bring Eric's perl/ stuff up to date. Paul +1 WISHES o __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[STATUS] OpenSSL (Sun 22-Apr-2001)
OpenSSL STATUS Last modified at __ $Date: 2001/04/09 07:15:16 $ DEVELOPMENT STATE o OpenSSL 0.9.7: Under development... o OpenSSL 0.9.6a: Released on April 5th, 2001 o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS AVAILABLE PATCHES IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. OCSP EVP cipher enhancement. Enhanced certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. OCSP Kerberos 5 authentication Constification NEEDS PATCH o apps/ca.c: "Sign the certificate?" - "n" creates empty certificate file o OpenSSL_0_9_6-stable: #include openssl/e_os.h in exported header files is illegal since e_os.h is suitable only for library-internal use. o Whenever strncpy is used, make sure the resulting string is NULL-terminated or an error is reported OPEN ISSUES o crypto/ex_data.c is not really thread-safe and so must be used with care (e.g., extra locking where necessary, or don't call CRYPTO_get_ex_new_index once multiple threads exist). The current API is not suitable for everything that it pretends to offer. o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) o The perl/ stuff needs a major overhaul. Currently it's totally obsolete. Either we clean it up and enhance it to be up-to-date with the C code or we also could replace it with the really nice Net::SSLeay package we can find under http://www.neuronio.pt/SSLeay.pm.html. Ralf uses this package for a longer time and it works fine and is a nice Perl module. Best would be to convince the author to work for the OpenSSL project and create a Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for us. Status: Ralf thinks we should both contact the author of Net::SSLeay and look how much effort it is to bring Eric's perl/ stuff up to date. Paul +1 WISHES o __________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[STATUS] OpenSSL (Sun 15-Apr-2001)
OpenSSL STATUS Last modified at __ $Date: 2001/04/09 07:15:16 $ DEVELOPMENT STATE o OpenSSL 0.9.7: Under development... o OpenSSL 0.9.6a: Released on April 5th, 2001 o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS AVAILABLE PATCHES IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. OCSP EVP cipher enhancement. Enhanced certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. OCSP Kerberos 5 authentication Constification NEEDS PATCH o apps/ca.c: "Sign the certificate?" - "n" creates empty certificate file o OpenSSL_0_9_6-stable: #include openssl/e_os.h in exported header files is illegal since e_os.h is suitable only for library-internal use. o Whenever strncpy is used, make sure the resulting string is NULL-terminated or an error is reported OPEN ISSUES o crypto/ex_data.c is not really thread-safe and so must be used with care (e.g., extra locking where necessary, or don't call CRYPTO_get_ex_new_index once multiple threads exist). The current API is not suitable for everything that it pretends to offer. o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) o The perl/ stuff needs a major overhaul. Currently it's totally obsolete. Either we clean it up and enhance it to be up-to-date with the C code or we also could replace it with the really nice Net::SSLeay package we can find under http://www.neuronio.pt/SSLeay.pm.html. Ralf uses this package for a longer time and it works fine and is a nice Perl module. Best would be to convince the author to work for the OpenSSL project and create a Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for us. Status: Ralf thinks we should both contact the author of Net::SSLeay and look how much effort it is to bring Eric's perl/ stuff up to date. Paul +1 WISHES o __________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[STATUS] OpenSSL (Sun 1-Apr-2001)
ichard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. OCSP Kerberos 5 authentication Constification NEEDS PATCH o apps/ca.c: "Sign the certificate?" - "n" creates empty certificate file o OpenSSL_0_9_6-stable: #include openssl/e_os.h in exported header files is illegal since e_os.h is suitable only for library-internal use. o Whenever strncpy is used, make sure the resulting string is NULL-terminated or an error is reported OPEN ISSUES o crypto/ex_data.c is not really thread-safe and so must be used with care (e.g., extra locking where necessary, or don't call CRYPTO_get_ex_new_index once multiple threads exist). The current API is not suitable for everything that it pretends to offer. o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) o The perl/ stuff needs a major overhaul. Currently it's totally obsolete. Either we clean it up and enhance it to be up-to-date with the C code or we also could replace it with the really nice Net::SSLeay package we can find under http://www.neuronio.pt/SSLeay.pm.html. Ralf uses this package for a longer time and it works fine and is a nice Perl module. Best would be to convince the author to work for the OpenSSL project and create a Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for us. Status: Ralf thinks we should both contact the author of Net::SSLeay and look how much effort it is to bring Eric's perl/ stuff up to date. Paul +1 WISHES o __________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[STATUS] OpenSSL (Sun 25-Mar-2001)
.h is suitable only for library-internal use. o Whenever strncpy is used, make sure the resulting string is NULL-terminated or an error is reported OPEN ISSUES o crypto/ex_data.c is not really thread-safe and so must be used with care (e.g., extra locking where necessary, or don't call CRYPTO_get_ex_new_index once multiple threads exist). The current API is not suitable for everything that it pretends to offer. o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) o The perl/ stuff needs a major overhaul. Currently it's totally obsolete. Either we clean it up and enhance it to be up-to-date with the C code or we also could replace it with the really nice Net::SSLeay package we can find under http://www.neuronio.pt/SSLeay.pm.html. Ralf uses this package for a longer time and it works fine and is a nice Perl module. Best would be to convince the author to work for the OpenSSL project and create a Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for us. Status: Ralf thinks we should both contact the author of Net::SSLeay and look how much effort it is to bring Eric's perl/ stuff up to date. Paul +1 WISHES o __________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[STATUS] OpenSSL (Sun 18-Mar-2001)
OpenSSL STATUS Last modified at __ $Date: 2001/02/22 15:10:11 $ DEVELOPMENT STATE o OpenSSL 0.9.7: Under development... o OpenSSL 0.9.6a: Bugfix release -- under development... o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS o AVAILABLE PATCHES o IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. OCSP EVP cipher enhancement. Enhanced certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. OCSP Kerberos 5 authentication Constification NEEDS PATCH o apps/ca.c: "Sign the certificate?" - "n" creates empty certificate file o OpenSSL_0_9_6-stable: #include openssl/e_os.h in exported header files is illegal since e_os.h is suitable only for library-internal use. o Whenever strncpy is used, make sure the resulting string is NULL-terminated or an error is reported OPEN ISSUES o crypto/ex_data.c is not really thread-safe and so must be used with care (e.g., extra locking where necessary, or don't call CRYPTO_get_ex_new_index once multiple threads exist). The current API is not suitable for everything that it pretends to offer. o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) o The perl/ stuff needs a major overhaul. Currently it's totally obsolete. Either we clean it up and enhance it to be up-to-date with the C code or we also could replace it with the really nice Net::SSLeay package we can find under http://www.neuronio.pt/SSLeay.pm.html. Ralf uses this package for a longer time and it works fine and is a nice Perl module. Best would be to convince the author to work for the OpenSSL project and create a Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for us. Status: Ralf thinks we should both contact the author of Net::SSLeay and look how much effort it is to bring Eric's perl/ stuff up to date. Paul +1 WISHES o __________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[STATUS] OpenSSL (Sun 4-Mar-2001)
OpenSSL STATUS Last modified at __ $Date: 2001/02/22 15:10:11 $ DEVELOPMENT STATE o OpenSSL 0.9.7: Under development... o OpenSSL 0.9.6a: Bugfix release -- under development... o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS o AVAILABLE PATCHES o IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. OCSP EVP cipher enhancement. Enhanced certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. OCSP Kerberos 5 authentication Constification NEEDS PATCH o apps/ca.c: "Sign the certificate?" - "n" creates empty certificate file o OpenSSL_0_9_6-stable: #include openssl/e_os.h in exported header files is illegal since e_os.h is suitable only for library-internal use. o Whenever strncpy is used, make sure the resulting string is NULL-terminated or an error is reported OPEN ISSUES o crypto/ex_data.c is not really thread-safe and so must be used with care (e.g., extra locking where necessary, or don't call CRYPTO_get_ex_new_index once multiple threads exist). The current API is not suitable for everything that it pretends to offer. o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) o The perl/ stuff needs a major overhaul. Currently it's totally obsolete. Either we clean it up and enhance it to be up-to-date with the C code or we also could replace it with the really nice Net::SSLeay package we can find under http://www.neuronio.pt/SSLeay.pm.html. Ralf uses this package for a longer time and it works fine and is a nice Perl module. Best would be to convince the author to work for the OpenSSL project and create a Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for us. Status: Ralf thinks we should both contact the author of Net::SSLeay and look how much effort it is to bring Eric's perl/ stuff up to date. Paul +1 WISHES o __________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[STATUS] OpenSSL (Sun 18-Feb-2001)
OpenSSL STATUS Last modified at __ $Date: 2001/01/23 12:30:43 $ DEVELOPMENT STATE o OpenSSL 0.9.7: Under development... o OpenSSL 0.9.6a: Bugfix release -- under development... o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS o AVAILABLE PATCHES o IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. OCSP EVP cipher enhancement. Enhanced certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. OCSP Kerberos 5 authentication Constification NEEDS PATCH o apps/ca.c: "Sign the certificate?" - "n" creates empty certificate file o #include openssl/e_os.h in exported header files is illegal since e_os.h is suitable only for library-internal use. (This applies to openssl-0.9.6-stable too; openssl/conf.h is the offending header file. While it is rarely used itself by applications, it is included by openssl/x509v3.h, which is more likely to be used.) o Whenever strncpy is used, make sure the resulting string is NULL-terminated or an error is reported OPEN ISSUES o crypto/ex_data.c is not really thread-safe and so must be used with care (e.g., extra locking where necessary, or don't call CRYPTO_get_ex_new_index once multiple threads exist). The current API is not suitable for everything that it pretends to offer. o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) o The perl/ stuff needs a major overhaul. Currently it's totally obsolete. Either we clean it up and enhance it to be up-to-date with the C code or we also could replace it with the really nice Net::SSLeay package we can find under http://www.neuronio.pt/SSLeay.pm.html. Ralf uses this package for a longer time and it works fine and is a nice Perl module. Best would be to convince the author to work for the OpenSSL project and create a Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for us. Status: Ralf thinks we should both contact the author of Net::SSLeay and look how much effort it is to bring Eric's perl/ stuff up to date. Paul +1 WISHES o __________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[STATUS] OpenSSL (Sun 4-Feb-2001)
OpenSSL STATUS Last modified at __ $Date: 2001/01/23 12:30:43 $ DEVELOPMENT STATE o OpenSSL 0.9.7: Under development... o OpenSSL 0.9.6a: Bugfix release -- under development... o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS o AVAILABLE PATCHES o IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. OCSP EVP cipher enhancement. Enhanced certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. OCSP Kerberos 5 authentication Constification NEEDS PATCH o apps/ca.c: "Sign the certificate?" - "n" creates empty certificate file o #include openssl/e_os.h in exported header files is illegal since e_os.h is suitable only for library-internal use. (This applies to openssl-0.9.6-stable too; openssl/conf.h is the offending header file. While it is rarely used itself by applications, it is included by openssl/x509v3.h, which is more likely to be used.) o Whenever strncpy is used, make sure the resulting string is NULL-terminated or an error is reported OPEN ISSUES o crypto/ex_data.c is not really thread-safe and so must be used with care (e.g., extra locking where necessary, or don't call CRYPTO_get_ex_new_index once multiple threads exist). The current API is not suitable for everything that it pretends to offer. o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) o The perl/ stuff needs a major overhaul. Currently it's totally obsolete. Either we clean it up and enhance it to be up-to-date with the C code or we also could replace it with the really nice Net::SSLeay package we can find under http://www.neuronio.pt/SSLeay.pm.html. Ralf uses this package for a longer time and it works fine and is a nice Perl module. Best would be to convince the author to work for the OpenSSL project and create a Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for us. Status: Ralf thinks we should both contact the author of Net::SSLeay and look how much effort it is to bring Eric's perl/ stuff up to date. Paul +1 WISHES o __________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[STATUS] OpenSSL (Sun 21-Jan-2001)
OpenSSL STATUS Last modified at __ $Date: 2001/01/12 14:06:26 $ DEVELOPMENT STATE o OpenSSL 0.9.7: Under development... o OpenSSL 0.9.6a: Bugfix release -- under development... o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS o AVAILABLE PATCHES o IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. OCSP EVP cipher enhancement. Enhanced certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. OCSP Kerberos 5 authentication Constification NEEDS PATCH o apps/ca.c: "Sign the certificate?" - "n" creates empty certificate file o #include openssl/e_os.h in exported header files is illegal since e_os.h is suitable only for library-internal use o Whenever strncpy is used, make sure the resulting string is NULL-terminated or an error is reported OPEN ISSUES o crypto/ex_data.c is not really thread-safe and so must be used with care (e.g., extra locking where necessary, or don't call CRYPTO_get_ex_new_index once multiple threads exist). The current API is not suitable for everything that it pretends to offer. o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) o The perl/ stuff needs a major overhaul. Currently it's totally obsolete. Either we clean it up and enhance it to be up-to-date with the C code or we also could replace it with the really nice Net::SSLeay package we can find under http://www.neuronio.pt/SSLeay.pm.html. Ralf uses this package for a longer time and it works fine and is a nice Perl module. Best would be to convince the author to work for the OpenSSL project and create a Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for us. Status: Ralf thinks we should both contact the author of Net::SSLeay and look how much effort it is to bring Eric's perl/ stuff up to date. Paul +1 WISHES o __________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[STATUS] OpenSSL (Sun 14-Jan-2001)
OpenSSL STATUS Last modified at __ $Date: 2001/01/12 14:06:26 $ DEVELOPMENT STATE o OpenSSL 0.9.7: Under development... o OpenSSL 0.9.6a: Bugfix release -- under development... o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS o AVAILABLE PATCHES o IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. OCSP EVP cipher enhancement. Enhanced certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. OCSP Kerberos 5 authentication Constification NEEDS PATCH o apps/ca.c: "Sign the certificate?" - "n" creates empty certificate file o #include openssl/e_os.h in exported header files is illegal since e_os.h is suitable only for library-internal use o Whenever strncpy is used, make sure the resulting string is NULL-terminated or an error is reported OPEN ISSUES o crypto/ex_data.c is not really thread-safe and so must be used with care (e.g., extra locking where necessary, or don't call CRYPTO_get_ex_new_index once multiple threads exist). The current API is not suitable for everything that it pretends to offer. o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) o The perl/ stuff needs a major overhaul. Currently it's totally obsolete. Either we clean it up and enhance it to be up-to-date with the C code or we also could replace it with the really nice Net::SSLeay package we can find under http://www.neuronio.pt/SSLeay.pm.html. Ralf uses this package for a longer time and it works fine and is a nice Perl module. Best would be to convince the author to work for the OpenSSL project and create a Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for us. Status: Ralf thinks we should both contact the author of Net::SSLeay and look how much effort it is to bring Eric's perl/ stuff up to date. Paul +1 WISHES o __________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[STATUS] OpenSSL (Sun 7-Jan-2001)
OpenSSL STATUS Last modified at __ $Date: 2000/12/13 18:21:47 $ DEVELOPMENT STATE o OpenSSL 0.9.7: Under development... o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS AVAILABLE PATCHES o CA.pl patch (Damien Miller) IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. OCSP EVP cipher enhancement. Enhanced certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. OCSP Kerberos 5 authentication Constification NEEDS PATCH o non-blocking socket on AIX o $(PERL) in */Makefile.ssl o "Sign the certificate?" - "n" creates empty certificate file OPEN ISSUES o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) o The perl/ stuff needs a major overhaul. Currently it's totally obsolete. Either we clean it up and enhance it to be up-to-date with the C code or we also could replace it with the really nice Net::SSLeay package we can find under http://www.neuronio.pt/SSLeay.pm.html. Ralf uses this package for a longer time and it works fine and is a nice Perl module. Best would be to convince the author to work for the OpenSSL project and create a Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for us. Status: Ralf thinks we should both contact the author of Net::SSLeay and look how much effort it is to bring Eric's perl/ stuff up to date. Paul +1 WISHES o __________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[STATUS] OpenSSL (Sun 31-Dec-2000)
OpenSSL STATUS Last modified at __ $Date: 2000/12/13 18:21:47 $ DEVELOPMENT STATE o OpenSSL 0.9.7: Under development... o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS AVAILABLE PATCHES o CA.pl patch (Damien Miller) IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. OCSP EVP cipher enhancement. Enhanced certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. OCSP Kerberos 5 authentication Constification NEEDS PATCH o non-blocking socket on AIX o $(PERL) in */Makefile.ssl o "Sign the certificate?" - "n" creates empty certificate file OPEN ISSUES o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) o The perl/ stuff needs a major overhaul. Currently it's totally obsolete. Either we clean it up and enhance it to be up-to-date with the C code or we also could replace it with the really nice Net::SSLeay package we can find under http://www.neuronio.pt/SSLeay.pm.html. Ralf uses this package for a longer time and it works fine and is a nice Perl module. Best would be to convince the author to work for the OpenSSL project and create a Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for us. Status: Ralf thinks we should both contact the author of Net::SSLeay and look how much effort it is to bring Eric's perl/ stuff up to date. Paul +1 WISHES o __________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[STATUS] OpenSSL (Sun 24-Dec-2000)
OpenSSL STATUS Last modified at __ $Date: 2000/12/13 18:21:47 $ DEVELOPMENT STATE o OpenSSL 0.9.7: Under development... o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS AVAILABLE PATCHES o CA.pl patch (Damien Miller) IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. OCSP EVP cipher enhancement. Enhanced certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. OCSP Kerberos 5 authentication Constification NEEDS PATCH o non-blocking socket on AIX o $(PERL) in */Makefile.ssl o "Sign the certificate?" - "n" creates empty certificate file OPEN ISSUES o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) o The perl/ stuff needs a major overhaul. Currently it's totally obsolete. Either we clean it up and enhance it to be up-to-date with the C code or we also could replace it with the really nice Net::SSLeay package we can find under http://www.neuronio.pt/SSLeay.pm.html. Ralf uses this package for a longer time and it works fine and is a nice Perl module. Best would be to convince the author to work for the OpenSSL project and create a Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for us. Status: Ralf thinks we should both contact the author of Net::SSLeay and look how much effort it is to bring Eric's perl/ stuff up to date. Paul +1 WISHES o __________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[STATUS] OpenSSL (Sun 17-Dec-2000)
OpenSSL STATUS Last modified at __ $Date: 2000/12/13 18:21:47 $ DEVELOPMENT STATE o OpenSSL 0.9.7: Under development... o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS AVAILABLE PATCHES o CA.pl patch (Damien Miller) IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. OCSP EVP cipher enhancement. Enhanced certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. OCSP Kerberos 5 authentication Constification NEEDS PATCH o non-blocking socket on AIX o $(PERL) in */Makefile.ssl o "Sign the certificate?" - "n" creates empty certificate file OPEN ISSUES o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) o The perl/ stuff needs a major overhaul. Currently it's totally obsolete. Either we clean it up and enhance it to be up-to-date with the C code or we also could replace it with the really nice Net::SSLeay package we can find under http://www.neuronio.pt/SSLeay.pm.html. Ralf uses this package for a longer time and it works fine and is a nice Perl module. Best would be to convince the author to work for the OpenSSL project and create a Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for us. Status: Ralf thinks we should both contact the author of Net::SSLeay and look how much effort it is to bring Eric's perl/ stuff up to date. Paul +1 WISHES o __________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[STATUS] OpenSSL (Sun 10-Dec-2000)
OpenSSL STATUS Last modified at __ $Date: 2000/11/19 14:11:03 $ DEVELOPMENT STATE o OpenSSL 0.9.7: Under development... o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS AVAILABLE PATCHES o CA.pl patch (Damien Miller) IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. EVP cipher enhancement. /* Proper (or at least usable) certificate chain verification. */ Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. OCSP Kerberos 5 authentication Constification NEEDS PATCH o non-blocking socket on AIX o $(PERL) in */Makefile.ssl o "Sign the certificate?" - "n" creates empty certificate file OPEN ISSUES o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) o The perl/ stuff needs a major overhaul. Currently it's totally obsolete. Either we clean it up and enhance it to be up-to-date with the C code or we also could replace it with the really nice Net::SSLeay package we can find under http://www.neuronio.pt/SSLeay.pm.html. Ralf uses this package for a longer time and it works fine and is a nice Perl module. Best would be to convince the author to work for the OpenSSL project and create a Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for us. Status: Ralf thinks we should both contact the author of Net::SSLeay and look how much effort it is to bring Eric's perl/ stuff up to date. Paul +1 WISHES o __________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[STATUS] OpenSSL (Sun 3-Dec-2000)
OpenSSL STATUS Last modified at __ $Date: 2000/11/19 14:11:03 $ DEVELOPMENT STATE o OpenSSL 0.9.7: Under development... o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS AVAILABLE PATCHES o CA.pl patch (Damien Miller) IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. EVP cipher enhancement. /* Proper (or at least usable) certificate chain verification. */ Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. OCSP Kerberos 5 authentication Constification NEEDS PATCH o non-blocking socket on AIX o $(PERL) in */Makefile.ssl o "Sign the certificate?" - "n" creates empty certificate file OPEN ISSUES o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) o The perl/ stuff needs a major overhaul. Currently it's totally obsolete. Either we clean it up and enhance it to be up-to-date with the C code or we also could replace it with the really nice Net::SSLeay package we can find under http://www.neuronio.pt/SSLeay.pm.html. Ralf uses this package for a longer time and it works fine and is a nice Perl module. Best would be to convince the author to work for the OpenSSL project and create a Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for us. Status: Ralf thinks we should both contact the author of Net::SSLeay and look how much effort it is to bring Eric's perl/ stuff up to date. Paul +1 WISHES o __________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[STATUS] OpenSSL (Sun 26-Nov-2000)
OpenSSL STATUS Last modified at __ $Date: 2000/11/19 14:11:03 $ DEVELOPMENT STATE o OpenSSL 0.9.7: Under development... o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS AVAILABLE PATCHES o CA.pl patch (Damien Miller) IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. EVP cipher enhancement. /* Proper (or at least usable) certificate chain verification. */ Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. OCSP Kerberos 5 authentication Constification NEEDS PATCH o non-blocking socket on AIX o $(PERL) in */Makefile.ssl o "Sign the certificate?" - "n" creates empty certificate file OPEN ISSUES o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) o The perl/ stuff needs a major overhaul. Currently it's totally obsolete. Either we clean it up and enhance it to be up-to-date with the C code or we also could replace it with the really nice Net::SSLeay package we can find under http://www.neuronio.pt/SSLeay.pm.html. Ralf uses this package for a longer time and it works fine and is a nice Perl module. Best would be to convince the author to work for the OpenSSL project and create a Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for us. Status: Ralf thinks we should both contact the author of Net::SSLeay and look how much effort it is to bring Eric's perl/ stuff up to date. Paul +1 WISHES o __________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[STATUS] OpenSSL (Sun 19-Nov-2000)
OpenSSL STATUS Last modified at __ $Date: 2000/11/19 14:11:03 $ DEVELOPMENT STATE o OpenSSL 0.9.7: Under development... o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS AVAILABLE PATCHES o CA.pl patch (Damien Miller) IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. EVP cipher enhancement. /* Proper (or at least usable) certificate chain verification. */ Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UTIL (a new set of library functions to support some higher level functionality that is currently missing). Shared library support for VMS. OCSP Kerberos 5 authentication Constification NEEDS PATCH o non-blocking socket on AIX o $(PERL) in */Makefile.ssl o "Sign the certificate?" - "n" creates empty certificate file OPEN ISSUES o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) o The perl/ stuff needs a major overhaul. Currently it's totally obsolete. Either we clean it up and enhance it to be up-to-date with the C code or we also could replace it with the really nice Net::SSLeay package we can find under http://www.neuronio.pt/SSLeay.pm.html. Ralf uses this package for a longer time and it works fine and is a nice Perl module. Best would be to convince the author to work for the OpenSSL project and create a Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for us. Status: Ralf thinks we should both contact the author of Net::SSLeay and look how much effort it is to bring Eric's perl/ stuff up to date. Paul +1 WISHES o __________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[STATUS] OpenSSL (Sun 12-Nov-2000)
OpenSSL STATUS Last modified at __ $Date: 2000/10/26 21:07:27 $ DEVELOPMENT STATE o OpenSSL 0.9.7: Under development... o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS AVAILABLE PATCHES o CA.pl patch (Damien Miller) IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. EVP cipher enhancement. /* Proper (or at least usable) certificate chain verification. */ Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UTIL (a new set of library functions to support some higher level functionality that is currently missing). Dynamic thread-lock support. Shared library support for VMS. NEEDS PATCH o non-blocking socket on AIX o $(PERL) in */Makefile.ssl o "Sign the certificate?" - "n" creates empty certificate file OPEN ISSUES o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) o The perl/ stuff needs a major overhaul. Currently it's totally obsolete. Either we clean it up and enhance it to be up-to-date with the C code or we also could replace it with the really nice Net::SSLeay package we can find under http://www.neuronio.pt/SSLeay.pm.html. Ralf uses this package for a longer time and it works fine and is a nice Perl module. Best would be to convince the author to work for the OpenSSL project and create a Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for us. Status: Ralf thinks we should both contact the author of Net::SSLeay and look how much effort it is to bring Eric's perl/ stuff up to date. Paul +1 WISHES o __________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[STATUS] OpenSSL (Sun 5-Nov-2000)
OpenSSL STATUS Last modified at __ $Date: 2000/10/26 21:07:27 $ DEVELOPMENT STATE o OpenSSL 0.9.7: Under development... o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS AVAILABLE PATCHES o CA.pl patch (Damien Miller) IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. EVP cipher enhancement. /* Proper (or at least usable) certificate chain verification. */ Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UTIL (a new set of library functions to support some higher level functionality that is currently missing). Dynamic thread-lock support. Shared library support for VMS. NEEDS PATCH o non-blocking socket on AIX o $(PERL) in */Makefile.ssl o "Sign the certificate?" - "n" creates empty certificate file OPEN ISSUES o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) o The perl/ stuff needs a major overhaul. Currently it's totally obsolete. Either we clean it up and enhance it to be up-to-date with the C code or we also could replace it with the really nice Net::SSLeay package we can find under http://www.neuronio.pt/SSLeay.pm.html. Ralf uses this package for a longer time and it works fine and is a nice Perl module. Best would be to convince the author to work for the OpenSSL project and create a Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for us. Status: Ralf thinks we should both contact the author of Net::SSLeay and look how much effort it is to bring Eric's perl/ stuff up to date. Paul +1 WISHES o __________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[STATUS] OpenSSL (Sun 29-Oct-2000)
OpenSSL STATUS Last modified at __ $Date: 2000/10/26 21:07:27 $ DEVELOPMENT STATE o OpenSSL 0.9.7: Under development... o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS AVAILABLE PATCHES o CA.pl patch (Damien Miller) IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. EVP cipher enhancement. /* Proper (or at least usable) certificate chain verification. */ Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UTIL (a new set of library functions to support some higher level functionality that is currently missing). Dynamic thread-lock support. Shared library support for VMS. NEEDS PATCH o non-blocking socket on AIX o $(PERL) in */Makefile.ssl o "Sign the certificate?" - "n" creates empty certificate file OPEN ISSUES o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) o The perl/ stuff needs a major overhaul. Currently it's totally obsolete. Either we clean it up and enhance it to be up-to-date with the C code or we also could replace it with the really nice Net::SSLeay package we can find under http://www.neuronio.pt/SSLeay.pm.html. Ralf uses this package for a longer time and it works fine and is a nice Perl module. Best would be to convince the author to work for the OpenSSL project and create a Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for us. Status: Ralf thinks we should both contact the author of Net::SSLeay and look how much effort it is to bring Eric's perl/ stuff up to date. Paul +1 WISHES o __________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[STATUS] OpenSSL (Sun 22-Oct-2000)
OpenSSL STATUS Last modified at __ $Date: 2000/09/24 17:31:36 $ DEVELOPMENT STATE o OpenSSL 0.9.7: Under development... o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS AVAILABLE PATCHES o CA.pl patch (Damien Miller) IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. EVP cipher enhancement. Proper (or at least usable) certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UTIL (a new set of library functions to support some higher level functionality that is currently missing). Dynamic thread-lock support. Shared library support for VMS. NEEDS PATCH o non-blocking socket on AIX o $(PERL) in */Makefile.ssl o "Sign the certificate?" - "n" creates empty certificate file OPEN ISSUES o internal_verify doesn't know about X509.v3 (basicConstraints CA flag ...) o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) o The perl/ stuff needs a major overhaul. Currently it's totally obsolete. Either we clean it up and enhance it to be up-to-date with the C code or we also could replace it with the really nice Net::SSLeay package we can find under http://www.neuronio.pt/SSLeay.pm.html. Ralf uses this package for a longer time and it works fine and is a nice Perl module. Best would be to convince the author to work for the OpenSSL project and create a Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for us. Status: Ralf thinks we should both contact the author of Net::SSLeay and look how much effort it is to bring Eric's perl/ stuff up to date. Paul +1 WISHES o __________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[STATUS] OpenSSL (Sun 15-Oct-2000)
OpenSSL STATUS Last modified at __ $Date: 2000/09/24 17:31:36 $ DEVELOPMENT STATE o OpenSSL 0.9.7: Under development... o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS AVAILABLE PATCHES o CA.pl patch (Damien Miller) IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. EVP cipher enhancement. Proper (or at least usable) certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UTIL (a new set of library functions to support some higher level functionality that is currently missing). Dynamic thread-lock support. Shared library support for VMS. NEEDS PATCH o non-blocking socket on AIX o $(PERL) in */Makefile.ssl o "Sign the certificate?" - "n" creates empty certificate file OPEN ISSUES o internal_verify doesn't know about X509.v3 (basicConstraints CA flag ...) o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) o The perl/ stuff needs a major overhaul. Currently it's totally obsolete. Either we clean it up and enhance it to be up-to-date with the C code or we also could replace it with the really nice Net::SSLeay package we can find under http://www.neuronio.pt/SSLeay.pm.html. Ralf uses this package for a longer time and it works fine and is a nice Perl module. Best would be to convince the author to work for the OpenSSL project and create a Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for us. Status: Ralf thinks we should both contact the author of Net::SSLeay and look how much effort it is to bring Eric's perl/ stuff up to date. Paul +1 WISHES o __________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[STATUS] OpenSSL (Sun 8-Oct-2000)
OpenSSL STATUS Last modified at __ $Date: 2000/09/24 17:31:36 $ DEVELOPMENT STATE o OpenSSL 0.9.7: Under development... o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS AVAILABLE PATCHES o CA.pl patch (Damien Miller) IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. EVP cipher enhancement. Proper (or at least usable) certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UTIL (a new set of library functions to support some higher level functionality that is currently missing). Dynamic thread-lock support. Shared library support for VMS. NEEDS PATCH o non-blocking socket on AIX o $(PERL) in */Makefile.ssl o "Sign the certificate?" - "n" creates empty certificate file OPEN ISSUES o internal_verify doesn't know about X509.v3 (basicConstraints CA flag ...) o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) o The perl/ stuff needs a major overhaul. Currently it's totally obsolete. Either we clean it up and enhance it to be up-to-date with the C code or we also could replace it with the really nice Net::SSLeay package we can find under http://www.neuronio.pt/SSLeay.pm.html. Ralf uses this package for a longer time and it works fine and is a nice Perl module. Best would be to convince the author to work for the OpenSSL project and create a Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for us. Status: Ralf thinks we should both contact the author of Net::SSLeay and look how much effort it is to bring Eric's perl/ stuff up to date. Paul +1 WISHES o __________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[STATUS] OpenSSL (Sun 1-Oct-2000)
OpenSSL STATUS Last modified at __ $Date: 2000/09/24 17:31:36 $ DEVELOPMENT STATE o OpenSSL 0.9.7: Under development... o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS AVAILABLE PATCHES o CA.pl patch (Damien Miller) IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. EVP cipher enhancement. Proper (or at least usable) certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UTIL (a new set of library functions to support some higher level functionality that is currently missing). Dynamic thread-lock support. Shared library support for VMS. NEEDS PATCH o non-blocking socket on AIX o $(PERL) in */Makefile.ssl o "Sign the certificate?" - "n" creates empty certificate file OPEN ISSUES o internal_verify doesn't know about X509.v3 (basicConstraints CA flag ...) o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) o The perl/ stuff needs a major overhaul. Currently it's totally obsolete. Either we clean it up and enhance it to be up-to-date with the C code or we also could replace it with the really nice Net::SSLeay package we can find under http://www.neuronio.pt/SSLeay.pm.html. Ralf uses this package for a longer time and it works fine and is a nice Perl module. Best would be to convince the author to work for the OpenSSL project and create a Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for us. Status: Ralf thinks we should both contact the author of Net::SSLeay and look how much effort it is to bring Eric's perl/ stuff up to date. Paul +1 WISHES o __________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[STATUS] OpenSSL (Sun 24-Sep-2000)
OpenSSL STATUS Last modified at __ $Date: 2000/09/24 17:31:36 $ DEVELOPMENT STATE o OpenSSL 0.9.7: Under development... o OpenSSL 0.9.6: Released on September 24th, 2000 o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March 22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS AVAILABLE PATCHES o CA.pl patch (Damien Miller) IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. EVP cipher enhancement. Proper (or at least usable) certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UTIL (a new set of library functions to support some higher level functionality that is currently missing). Dynamic thread-lock support. Shared library support for VMS. NEEDS PATCH o non-blocking socket on AIX o $(PERL) in */Makefile.ssl o "Sign the certificate?" - "n" creates empty certificate file OPEN ISSUES o internal_verify doesn't know about X509.v3 (basicConstraints CA flag ...) o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) o The perl/ stuff needs a major overhaul. Currently it's totally obsolete. Either we clean it up and enhance it to be up-to-date with the C code or we also could replace it with the really nice Net::SSLeay package we can find under http://www.neuronio.pt/SSLeay.pm.html. Ralf uses this package for a longer time and it works fine and is a nice Perl module. Best would be to convince the author to work for the OpenSSL project and create a Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for us. Status: Ralf thinks we should both contact the author of Net::SSLeay and look how much effort it is to bring Eric's perl/ stuff up to date. Paul +1 WISHES o __________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[STATUS] OpenSSL (Sun 10-Sep-2000)
OpenSSL STATUS Last modified at __ $Date: 2000/09/07 08:14:46 $ DEVELOPMENT STATE o OpenSSL 0.9.6: Under development... o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August 09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS AVAILABLE PATCHES o CA.pl patch (Damien Miller) IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. EVP cipher enhancement. Proper (or at least usable) certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UTIL (a new set of library functions to support some higher level functionality that is currently missing). Dynamic thread-lock support. Shared library support for VMS. NEEDS PATCH o non-blocking socket on AIX o $(PERL) in */Makefile.ssl o "Sign the certificate?" - "n" creates empty certificate file OPEN ISSUES o internal_verify doesn't know about X509.v3 (basicConstraints CA flag ...) o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) o The perl/ stuff needs a major overhaul. Currently it's totally obsolete. Either we clean it up and enhance it to be up-to-date with the C code or we also could replace it with the really nice Net::SSLeay package we can find under http://www.neuronio.pt/SSLeay.pm.html. Ralf uses this package for a longer time and it works fine and is a nice Perl module. Best would be to convince the author to work for the OpenSSL project and create a Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for us. Status: Ralf thinks we should both contact the author of Net::SSLeay and look how much effort it is to bring Eric's perl/ stuff up to date. Paul +1 WISHES o __________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[STATUS] OpenSSL (Sun 3-Sep-2000)
OpenSSL STATUS Last modified at __ $Date: 2000/07/02 21:11:11 $ DEVELOPMENT STATE o OpenSSL 0.9.6: Under development... o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August 09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS AVAILABLE PATCHES o CA.pl patch (Damien Miller) IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. EVP cipher enhancement. Proper (or at least usable) certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UTIL (a new set of library functions to support some higher level functionality that is currently missing). Dynamic thread-lock support. NEEDS PATCH o non-blocking socket on AIX o $(PERL) in */Makefile.ssl o "Sign the certificate?" - "n" creates empty certificate file OPEN ISSUES o internal_verify doesn't know about X509.v3 (basicConstraints CA flag ...) o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) o The perl/ stuff needs a major overhaul. Currently it's totally obsolete. Either we clean it up and enhance it to be up-to-date with the C code or we also could replace it with the really nice Net::SSLeay package we can find under http://www.neuronio.pt/SSLeay.pm.html. Ralf uses this package for a longer time and it works fine and is a nice Perl module. Best would be to convince the author to work for the OpenSSL project and create a Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for us. Status: Ralf thinks we should both contact the author of Net::SSLeay and look how much effort it is to bring Eric's perl/ stuff up to date. Paul +1 WISHES o __________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[STATUS] OpenSSL (Sun 27-Aug-2000)
OpenSSL STATUS Last modified at __ $Date: 2000/07/02 21:11:11 $ DEVELOPMENT STATE o OpenSSL 0.9.6: Under development... o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August 09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS AVAILABLE PATCHES o CA.pl patch (Damien Miller) IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. EVP cipher enhancement. Proper (or at least usable) certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UTIL (a new set of library functions to support some higher level functionality that is currently missing). Dynamic thread-lock support. NEEDS PATCH o non-blocking socket on AIX o $(PERL) in */Makefile.ssl o "Sign the certificate?" - "n" creates empty certificate file OPEN ISSUES o internal_verify doesn't know about X509.v3 (basicConstraints CA flag ...) o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) o The perl/ stuff needs a major overhaul. Currently it's totally obsolete. Either we clean it up and enhance it to be up-to-date with the C code or we also could replace it with the really nice Net::SSLeay package we can find under http://www.neuronio.pt/SSLeay.pm.html. Ralf uses this package for a longer time and it works fine and is a nice Perl module. Best would be to convince the author to work for the OpenSSL project and create a Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for us. Status: Ralf thinks we should both contact the author of Net::SSLeay and look how much effort it is to bring Eric's perl/ stuff up to date. Paul +1 WISHES o __________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[STATUS] OpenSSL (Sun 20-Aug-2000)
OpenSSL STATUS Last modified at __ $Date: 2000/07/02 21:11:11 $ DEVELOPMENT STATE o OpenSSL 0.9.6: Under development... o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August 09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS AVAILABLE PATCHES o CA.pl patch (Damien Miller) IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. EVP cipher enhancement. Proper (or at least usable) certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UTIL (a new set of library functions to support some higher level functionality that is currently missing). Dynamic thread-lock support. NEEDS PATCH o non-blocking socket on AIX o $(PERL) in */Makefile.ssl o "Sign the certificate?" - "n" creates empty certificate file OPEN ISSUES o internal_verify doesn't know about X509.v3 (basicConstraints CA flag ...) o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) o The perl/ stuff needs a major overhaul. Currently it's totally obsolete. Either we clean it up and enhance it to be up-to-date with the C code or we also could replace it with the really nice Net::SSLeay package we can find under http://www.neuronio.pt/SSLeay.pm.html. Ralf uses this package for a longer time and it works fine and is a nice Perl module. Best would be to convince the author to work for the OpenSSL project and create a Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for us. Status: Ralf thinks we should both contact the author of Net::SSLeay and look how much effort it is to bring Eric's perl/ stuff up to date. Paul +1 WISHES o __________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[STATUS] OpenSSL (Sun 13-Aug-2000)
OpenSSL STATUS Last modified at __ $Date: 2000/07/02 21:11:11 $ DEVELOPMENT STATE o OpenSSL 0.9.6: Under development... o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August 09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS AVAILABLE PATCHES o CA.pl patch (Damien Miller) IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. EVP cipher enhancement. Proper (or at least usable) certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UTIL (a new set of library functions to support some higher level functionality that is currently missing). Dynamic thread-lock support. NEEDS PATCH o non-blocking socket on AIX o $(PERL) in */Makefile.ssl o "Sign the certificate?" - "n" creates empty certificate file OPEN ISSUES o internal_verify doesn't know about X509.v3 (basicConstraints CA flag ...) o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) o The perl/ stuff needs a major overhaul. Currently it's totally obsolete. Either we clean it up and enhance it to be up-to-date with the C code or we also could replace it with the really nice Net::SSLeay package we can find under http://www.neuronio.pt/SSLeay.pm.html. Ralf uses this package for a longer time and it works fine and is a nice Perl module. Best would be to convince the author to work for the OpenSSL project and create a Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for us. Status: Ralf thinks we should both contact the author of Net::SSLeay and look how much effort it is to bring Eric's perl/ stuff up to date. Paul +1 WISHES o __________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[STATUS] OpenSSL (Sun 6-Aug-2000)
OpenSSL STATUS Last modified at __ $Date: 2000/07/02 21:11:11 $ DEVELOPMENT STATE o OpenSSL 0.9.6: Under development... o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August 09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS AVAILABLE PATCHES o CA.pl patch (Damien Miller) IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. EVP cipher enhancement. Proper (or at least usable) certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UTIL (a new set of library functions to support some higher level functionality that is currently missing). Dynamic thread-lock support. NEEDS PATCH o non-blocking socket on AIX o $(PERL) in */Makefile.ssl o "Sign the certificate?" - "n" creates empty certificate file OPEN ISSUES o internal_verify doesn't know about X509.v3 (basicConstraints CA flag ...) o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) o The perl/ stuff needs a major overhaul. Currently it's totally obsolete. Either we clean it up and enhance it to be up-to-date with the C code or we also could replace it with the really nice Net::SSLeay package we can find under http://www.neuronio.pt/SSLeay.pm.html. Ralf uses this package for a longer time and it works fine and is a nice Perl module. Best would be to convince the author to work for the OpenSSL project and create a Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for us. Status: Ralf thinks we should both contact the author of Net::SSLeay and look how much effort it is to bring Eric's perl/ stuff up to date. Paul +1 WISHES o __________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[STATUS] OpenSSL (Sun 23-Jul-2000)
OpenSSL STATUS Last modified at __ $Date: 2000/07/02 21:11:11 $ DEVELOPMENT STATE o OpenSSL 0.9.6: Under development... o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August 09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS AVAILABLE PATCHES o CA.pl patch (Damien Miller) IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. EVP cipher enhancement. Proper (or at least usable) certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UTIL (a new set of library functions to support some higher level functionality that is currently missing). Dynamic thread-lock support. NEEDS PATCH o non-blocking socket on AIX o $(PERL) in */Makefile.ssl o "Sign the certificate?" - "n" creates empty certificate file OPEN ISSUES o internal_verify doesn't know about X509.v3 (basicConstraints CA flag ...) o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) o The perl/ stuff needs a major overhaul. Currently it's totally obsolete. Either we clean it up and enhance it to be up-to-date with the C code or we also could replace it with the really nice Net::SSLeay package we can find under http://www.neuronio.pt/SSLeay.pm.html. Ralf uses this package for a longer time and it works fine and is a nice Perl module. Best would be to convince the author to work for the OpenSSL project and create a Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for us. Status: Ralf thinks we should both contact the author of Net::SSLeay and look how much effort it is to bring Eric's perl/ stuff up to date. Paul +1 WISHES o __________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[STATUS] OpenSSL (Sun 9-Jul-2000)
OpenSSL STATUS Last modified at __ $Date: 2000/07/02 21:11:11 $ DEVELOPMENT STATE o OpenSSL 0.9.6: Under development... o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August 09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS AVAILABLE PATCHES o CA.pl patch (Damien Miller) IN PROGRESS o Steve is currently working on (in no particular order): ASN1 code redesign, butchery, replacement. EVP cipher enhancement. Proper (or at least usable) certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UTIL (a new set of library functions to support some higher level functionality that is currently missing). Dynamic thread-lock support. NEEDS PATCH o non-blocking socket on AIX o $(PERL) in */Makefile.ssl o "Sign the certificate?" - "n" creates empty certificate file OPEN ISSUES o internal_verify doesn't know about X509.v3 (basicConstraints CA flag ...) o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) o The perl/ stuff needs a major overhaul. Currently it's totally obsolete. Either we clean it up and enhance it to be up-to-date with the C code or we also could replace it with the really nice Net::SSLeay package we can find under http://www.neuronio.pt/SSLeay.pm.html. Ralf uses this package for a longer time and it works fine and is a nice Perl module. Best would be to convince the author to work for the OpenSSL project and create a Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for us. Status: Ralf thinks we should both contact the author of Net::SSLeay and look how much effort it is to bring Eric's perl/ stuff up to date. Paul +1 WISHES o __________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[STATUS] OpenSSL (Sun 2-Jul-2000)
OpenSSL STATUS Last modified at __ $Date: 2000/06/14 17:27:02 $ DEVELOPMENT STATE o OpenSSL 0.9.6: Under development... o OpenSSL 0.9.5a: Released on April 1st, 2000 o OpenSSL 0.9.5: Released on February 28th, 2000 o OpenSSL 0.9.4: Released on August 09th, 1999 o OpenSSL 0.9.3a: Released on May 29th, 1999 o OpenSSL 0.9.3: Released on May 25th, 1999 o OpenSSL 0.9.2b: Released on March22th, 1999 o OpenSSL 0.9.1c: Released on December 23th, 1998 RELEASE SHOWSTOPPERS AVAILABLE PATCHES o CA.pl patch (Damien Miller) IN PROGRESS o Steve is currently working on (in no particular order): EVP cipher enhancement. Proper (or at least usable) certificate chain verification. Private key, certificate and CRL API and implementation. Developing and bugfixing PKCS#7 (S/MIME code). Various X509 issues: character sets, certificate request extensions. o Geoff and Richard are currently working on: ENGINE (the new code that gives hardware support among others). o Richard is currently working on: UTIL (a new set of library functions to support some higher level functionality that is currently missing). Dynamic thread-lock support. NEEDS PATCH o non-blocking socket on AIX o $(PERL) in */Makefile.ssl o "Sign the certificate?" - "n" creates empty certificate file OPEN ISSUES o internal_verify doesn't know about X509.v3 (basicConstraints CA flag ...) o The Makefile hierarchy and build mechanism is still not a round thing: 1. The config vs. Configure scripts It's the same nasty situation as for Apache with APACI vs. src/Configure. It confuses. Suggestion: Merge Configure and config into a single configure script with a Autoconf style interface ;-) and remove Configure and config. Or even let us use GNU Autoconf itself. Then we can avoid a lot of those platform checks which are currently in Configure. o Support for Shared Libraries has to be added at least for the major Unix platforms. The details we can rip from the stuff Ralf has done for the Apache src/Configure script. Ben wants the solution to be really simple. Status: Ralf will look how we can easily incorporate the compiler PIC and linker DSO flags from Apache into the OpenSSL Configure script. Ulf: +1 for using GNU autoconf and libtool (but not automake, which apparently is not flexible enough to generate libcrypto) o The perl/ stuff needs a major overhaul. Currently it's totally obsolete. Either we clean it up and enhance it to be up-to-date with the C code or we also could replace it with the really nice Net::SSLeay package we can find under http://www.neuronio.pt/SSLeay.pm.html. Ralf uses this package for a longer time and it works fine and is a nice Perl module. Best would be to convince the author to work for the OpenSSL project and create a Net::OpenSSL or Crypt::OpenSSL package out of it and maintains it for us. Status: Ralf thinks we should both contact the author of Net::SSLeay and look how much effort it is to bring Eric's perl/ stuff up to date. Paul +1 WISHES o __________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
