Re: [openssl-project] Forthcoming OpenSSL releases

2018-03-20 Thread Salz, Rich
This should include the fix to the bug Guido found.

On 3/20/18, 1:18 PM, "Matt Caswell"  wrote:

Forthcoming OpenSSL releases


The OpenSSL project team would like to announce the forthcoming release
of OpenSSL versions 1.1.0h and 1.0.2o.

These releases will be made available on 27th March 2018 between
approximately 1300-1700 UTC.

These are security-fix releases. The highest severity issue fixed in
these releases is MODERATE.

Yours

The OpenSSL Project Team



___
openssl-project mailing list
openssl-project@openssl.org
https://mta.openssl.org/mailman/listinfo/openssl-project

Re: [openssl-project] Code Repo

2018-03-20 Thread Richard Levitte
Why do you want to rush it?  A month earlier than what we've currently
scheduled is in 4 weeks.  I think the added stress will do nothing
good for us, or our community.

In message  on Tue, 20 Mar 
2018 17:57:45 +, "Salz, Rich"  said:

rsalz> Therefore, we could have the release done a month earlier if we
rsalz> wanted to open master for non-release things.
rsalz> 
rsalz> 
rsalz> On 3/20/18, 1:54 PM, "Benjamin Kaduk"  wrote:
rsalz> 
rsalz> On Wed, Mar 21, 2018 at 12:27:13AM +1000, Tim Hudson wrote:
rsalz> > We have been holding off on post-1.1.1 feature development for a 
long time
rsalz> > now - on the grounds that TLSv1.3 was just around the corner etc 
and the
rsalz> > release was close - and then we formed a release plan which we 
pushed back
rsalz> > a week.
rsalz> 
rsalz> I expect TLS 1.3 to be sent to the RFC Editor in the next day.
rsalz> 
rsalz> -Ben
rsalz> ___
rsalz> openssl-project mailing list
rsalz> openssl-project@openssl.org
rsalz> https://mta.openssl.org/mailman/listinfo/openssl-project
rsalz> 
rsalz> 
rsalz> ___
rsalz> openssl-project mailing list
rsalz> openssl-project@openssl.org
rsalz> https://mta.openssl.org/mailman/listinfo/openssl-project
___
openssl-project mailing list
openssl-project@openssl.org
https://mta.openssl.org/mailman/listinfo/openssl-project

Re: [openssl-project] Code Repo

2018-03-20 Thread Benjamin Kaduk
On Wed, Mar 21, 2018 at 12:27:13AM +1000, Tim Hudson wrote:
> We have been holding off on post-1.1.1 feature development for a long time
> now - on the grounds that TLSv1.3 was just around the corner etc and the
> release was close - and then we formed a release plan which we pushed back
> a week.

I expect TLS 1.3 to be sent to the RFC Editor in the next day.

-Ben
___
openssl-project mailing list
openssl-project@openssl.org
https://mta.openssl.org/mailman/listinfo/openssl-project


Re: [openssl-project] Code Repo

2018-03-20 Thread Salz, Rich
We still have a lot of work to do to meet our release goals. It was really bad 
last time and we definitely lost our focus multiple times.

If in two weeks we get everything done and we’re just sitting aroun waiting for 
the IETF to publish, great.  But if not, I strongly believe the only thing we 
should be working on is the release.

EVERYONE can do code reviews.

From: Tim Hudson 
Reply-To: "openssl-project@openssl.org" 
Date: Tuesday, March 20, 2018 at 10:27 AM
To: "openssl-project@openssl.org" 
Subject: Re: [openssl-project] Code Repo

We have been holding off on post-1.1.1 feature development for a long time now 
- on the grounds that TLSv1.3 was just around the corner etc and the release 
was close - and then we formed a release plan which we pushed back a week.

It is long overdue that we get to start moving those other things forward in my 
view.
We had planned to start moving around a pile of stuff for FIPS related items - 
and keeping master locked for API changes really works against that.

There are a large range of PRs which we pushed off as must-wait-for-post-1.1.1 
and those are things that remain stalled as long as we keep master locked down.

The release for 1.1.1 should be pretty close to "complete" as such - looking at 
the plans - as with no new features going in the work remaining should be 
relatively staight forward.
Rich's suggestions I think tend to indicate more  work going into the release 
that planned - and we had said we were creating this branch - and deviating 
from that at the last minute isn't really how we shuold be making decisions as 
a project.
Some stuff that would normally be in a banch now isn't ... as Richard noted in 
the PR.

Tim.


On Wed, Mar 21, 2018 at 12:17 AM, Matt Caswell 
> wrote:
The beta release is now complete.

Important:

We did *not* create the OpenSSL_1_1_1-stable branch as planned (see
https://github.com/openssl/openssl/pull/5690
 for the discussion that led
to that decision). For now the release was done from the master branch
in the same way as we did for the previous alpha releases. However the
feature freeze *is* in force. Therefore no features can be pushed into
the repo until such time as the branch is created. All commits to master
must be suitable for inclusion in the 1.1.1 release.

Matt
___
openssl-project mailing list
openssl-project@openssl.org
https://mta.openssl.org/mailman/listinfo/openssl-project

___
openssl-project mailing list
openssl-project@openssl.org
https://mta.openssl.org/mailman/listinfo/openssl-project

Re: [openssl-project] Code Repo

2018-03-20 Thread Tim Hudson
We have been holding off on post-1.1.1 feature development for a long time
now - on the grounds that TLSv1.3 was just around the corner etc and the
release was close - and then we formed a release plan which we pushed back
a week.

It is long overdue that we get to start moving those other things forward
in my view.
We had planned to start moving around a pile of stuff for FIPS related
items - and keeping master locked for API changes really works against that.

There are a large range of PRs which we pushed off as
must-wait-for-post-1.1.1 and those are things that remain stalled as long
as we keep master locked down.

The release for 1.1.1 should be pretty close to "complete" as such -
looking at the plans - as with no new features going in the work remaining
should be relatively staight forward.
Rich's suggestions I think tend to indicate more  work going into the
release that planned - and we had said we were creating this branch - and
deviating from that at the last minute isn't really how we shuold be making
decisions as a project.
Some stuff that would normally be in a banch now isn't ... as Richard noted
in the PR.

Tim.


On Wed, Mar 21, 2018 at 12:17 AM, Matt Caswell  wrote:

> The beta release is now complete.
>
> Important:
>
> We did *not* create the OpenSSL_1_1_1-stable branch as planned (see
> https://github.com/openssl/openssl/pull/5690 for the discussion that led
> to that decision). For now the release was done from the master branch
> in the same way as we did for the previous alpha releases. However the
> feature freeze *is* in force. Therefore no features can be pushed into
> the repo until such time as the branch is created. All commits to master
> must be suitable for inclusion in the 1.1.1 release.
>
> Matt
> ___
> openssl-project mailing list
> openssl-project@openssl.org
> https://mta.openssl.org/mailman/listinfo/openssl-project
>
___
openssl-project mailing list
openssl-project@openssl.org
https://mta.openssl.org/mailman/listinfo/openssl-project

Re: [openssl-project] Code Repo

2018-03-20 Thread Matt Caswell
Of course I should have mentioned that although the feature freeze is in
place, the code freeze is not, i.e. you can make pushes to the repo now.

Matt


On 20/03/18 14:17, Matt Caswell wrote:
> The beta release is now complete.
> 
> Important:
> 
> We did *not* create the OpenSSL_1_1_1-stable branch as planned (see
> https://github.com/openssl/openssl/pull/5690 for the discussion that led
> to that decision). For now the release was done from the master branch
> in the same way as we did for the previous alpha releases. However the
> feature freeze *is* in force. Therefore no features can be pushed into
> the repo until such time as the branch is created. All commits to master
> must be suitable for inclusion in the 1.1.1 release.
> 
> Matt
> ___
> openssl-project mailing list
> openssl-project@openssl.org
> https://mta.openssl.org/mailman/listinfo/openssl-project
> 
___
openssl-project mailing list
openssl-project@openssl.org
https://mta.openssl.org/mailman/listinfo/openssl-project


[openssl-project] Code Repo

2018-03-20 Thread Matt Caswell
The beta release is now complete.

Important:

We did *not* create the OpenSSL_1_1_1-stable branch as planned (see
https://github.com/openssl/openssl/pull/5690 for the discussion that led
to that decision). For now the release was done from the master branch
in the same way as we did for the previous alpha releases. However the
feature freeze *is* in force. Therefore no features can be pushed into
the repo until such time as the branch is created. All commits to master
must be suitable for inclusion in the 1.1.1 release.

Matt
___
openssl-project mailing list
openssl-project@openssl.org
https://mta.openssl.org/mailman/listinfo/openssl-project


[openssl-project] OpenSSL version 1.1.1 pre release 3 published

2018-03-20 Thread OpenSSL
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256


   OpenSSL version 1.1.1 pre release 3 (beta)
   ===

   OpenSSL - The Open Source toolkit for SSL/TLS
   https://www.openssl.org/

   OpenSSL 1.1.1 is currently in beta. OpenSSL 1.1.1 pre release 3 has now
   been made available. For details of changes and known issues see the
   release notes at:

https://www.openssl.org/news/openssl-1.1.1-notes.html

   Note: This OpenSSL pre-release has been provided for testing ONLY.
   It should NOT be used for security critical purposes.

   The beta release is available for download via HTTP and FTP from the
   following master locations (you can find the various FTP mirrors under
   https://www.openssl.org/source/mirror.html):

 * https://www.openssl.org/source/
 * ftp://ftp.openssl.org/source/

   The distribution file name is:

o openssl-1.1.1-pre3.tar.gz
  Size: 6552052
  SHA1 checksum: a9dee6b70334726420f483c496216d2b335a4510
  SHA256 checksum: 
b541d574d8d099b0bc74ebc8174cec1dc9f426d8901d04be7874046ad72116b0

   The checksums were calculated using the following commands:

openssl sha1 openssl-1.1.1-pre3.tar.gz
openssl sha256 openssl-1.1.1-pre3.tar.gz

   Please download and check this beta release as soon as possible.
   To report a bug, open an issue on GitHub:

https://github.com/openssl/openssl/issues

   Please check the release notes and mailing lists to avoid duplicate
   reports of known issues. (Of course, the source is also available
   on GitHub.)

   Yours,

   The OpenSSL Project Team.

-BEGIN PGP SIGNATURE-

iQEcBAEBCAAGBQJasQkhAAoJENnE0m0OYESRf30H/1OxOdWi82Cw69+z4ly80TyR
IeWQRgFh60lar3li3R6/ns57eXFo7jGOAAws1iOZll3RGR9bkp70cLXCZtMvZoEP
79pLrfUZR6s6BwGrSs7X3fHac4muUZSQLaAdCJG5Y6Sgi2XBy0rRYFxle0qND1c3
tNeh1B6oXy236cvVaDAUNYKEC/31RzupWIdLdT9UYWLU5qYdgkaOztHO2x1pDRX/
Vs18qNND5mHIrsv0QfZPP40nvsZrRoz7rXBuZdaQwLA9ZJzS0hNxwlpkodJB8kHD
o29Q0fkczGnL3hw5rSi7c+qKgngXIVkB0ssisZBHgHVAA6WvvSPNG9SeGYJRgwQ=
=0UFn
-END PGP SIGNATURE-
___
openssl-project mailing list
openssl-project@openssl.org
https://mta.openssl.org/mailman/listinfo/openssl-project