I had an action from the OTC meeting today to raise a vote on the OTC list of technical items still to be done. Here is my proposed vote text. There will be a subsequent vote on the "beta readiness checklist" which is a separate list.
Feedback please on the proposed vote text below.

The following items are required prerequisites for the first beta release:

* EVP is the recommended API, it must be feature-complete compared with the functionality available using lower-level APIs.
  - Anything that isn’t available must be put to an OTC vote to exclude.
  - The apps are the minimum bar for this, subject to exceptions noted below.
* Deprecation List Proposal: DH_, DSA_, ECDH_, ECDSA_, EC_KEY_, RSA_, RAND_METHOD_.
  - Does not include macros defining useful constants (e.g. SHA512_DIGEST_LENGTH).
  - Excluded from Deprecation: `EC_`, `DSA_SIG_`, `ECDSA_SIG_`.
  - There might be some others.
  - Review for exceptions.
  - The apps are the minimum bar to measure feature completeness for the EVP interface: rewrite them so they do not use internal nor deprecated functions (except speed, engine, list, passwd -crypt and the code to handle the -engine CLI option). That is, remove the suppression of deprecated define.
  - Proposal: drop passwd -crypt (OMC vote required)
  - Compile and link 1.1.1 command line app against the master headers and library. Run 1.1.1 app test cases against the chimera. Treat this as an external test using a special 1.1.1 branch. Deprecated functions used by libssl should be moved to independent file(s), to limit the suppression of deprecated defines to the absolute minimum scope.
* Draft documentation (contents but not pretty)
  - Need a list of things we know are not present - including things we have removed.
  - We need to have mapping tables for various d2i/i2d functions.
  - We need to have a mapping table from “old names” for things into the OSSL_PARAMS names.
  - Documentation addition to old APIs to refer to new ones (man7).
  - Documentation needs to reference name mapping.
  - All the legacy interfaces need to have their documentation pointing to the replacement interfaces.
* Review (and maybe clean up) legacy bridge code.
* Review TODO(3.0) items #12224.
* Source checksum script.
* Review of functions previously named _with_libctx.
* Encoder fixers (PKCS#8, PKCS#1, etc).
* Encoder DER to PEM refactor.
* Builds and passes tests on all primary, secondary and FIPS platforms.
* Query provider parameters (name, version, …) from the command line.
* Setup buildbot infrastructure and associated instructions.
* Complete make fipsinstall.
* More specific decoding selection (e.g. params or keys).
* Example code covering replacements for deprecated APIs.
* Drop C code output options from the apps (OMC approval required).
* Address 3.0beta1 milestones.

Matt