Shane has done the IG D.9 work: it is in #12835 and is awaiting review. I think it should be in beta if possible. It’s mostly adding a second test case due to NIST changing guidance recently, so low risk and helpful for the lab.
As Shane notes in 12801, there will be some conflicts generated over the FIPS error handling and self tests, hopefully they won’t slow progress. 12754 could be considered optional and something better should likely be done for 3.1 that what I’m planning there. With RAND_DRBG removed, there is nothing remotely comparable. Even RAND_DRBG is a bit of a stretch as a comparison. The API renaming discussion *must* reach a conclusion before beta. Pauli -- Dr Paul Dale | Distinguished Architect | Cryptographic Foundations Phone +61 7 3031 7217 Oracle Australia > On 10 Sep 2020, at 8:40 pm, Matt Caswell <m...@openssl.org> wrote: > > > > On 09/09/2020 13:03, Kurt Roeckx wrote: >> On Wed, Aug 26, 2020 at 04:58:26PM +0100, Matt Caswell wrote: >>> Please can anyone with PRs that they wish to have included in OpenSSL >>> 3.0 beta1 ensure that they are merged to master by 8th September. >> >> So that date has passed now. Can someone give an overview of what >> we think is still needed to be done before the beta 1 release? Are >> there open PRs for everything? Do we a milestone on github to >> indicate which PRs need to go in before beta1? > > > I believe the "blockers" to be: > > https://urldefense.com/v3/__https://github.com/openssl/openssl/pull/12536__;!!GqivPVa7Brio!O5gzpHuWIANvRtRYOHA9m7SK4SqMUb2uLzEGQbUrX9nFSRhT7-sA0F-JQc5z_l4$ > > https://urldefense.com/v3/__https://github.com/openssl/openssl/pull/12754__;!!GqivPVa7Brio!O5gzpHuWIANvRtRYOHA9m7SK4SqMUb2uLzEGQbUrX9nFSRhT7-sA0F-JseFWMvQ$ > > https://urldefense.com/v3/__https://github.com/openssl/openssl/pull/12750__;!!GqivPVa7Brio!O5gzpHuWIANvRtRYOHA9m7SK4SqMUb2uLzEGQbUrX9nFSRhT7-sA0F-J0OAUQ5s$ > > https://urldefense.com/v3/__https://github.com/openssl/openssl/pull/12781__;!!GqivPVa7Brio!O5gzpHuWIANvRtRYOHA9m7SK4SqMUb2uLzEGQbUrX9nFSRhT7-sA0F-JYPbPTZA$ > > https://urldefense.com/v3/__https://github.com/openssl/openssl/pull/12801__;!!GqivPVa7Brio!O5gzpHuWIANvRtRYOHA9m7SK4SqMUb2uLzEGQbUrX9nFSRhT7-sA0F-J_mL-S18$ > > > Aside from these there are potential PRs not yet opened but slated for > beta1 regarding: > - Refactor serialization? (owner: Richard) > - lhash refactor? (owner: Me) > - IG D.9 update? (owner: Shane) > > There's also this issue - but I'm not sure that it needs to be resolved > for beta1: > https://urldefense.com/v3/__https://github.com/openssl/openssl/issues/12195__;!!GqivPVa7Brio!O5gzpHuWIANvRtRYOHA9m7SK4SqMUb2uLzEGQbUrX9nFSRhT7-sA0F-J1-VRwBk$ > > > Matt
