Re: [openssl-project] Accept PR 5702 after the feature-freeze?
To increase transparency, you could also add a clause which ensures that every exceptional merge needs to be announced on openssl-project: A pull request that introduces a new feature can be merged regardless of the feature freeze, if it is related to TLS 1.3 and approved by at least 3 OMC members without veto. The intention to merge the pull request has to be announced at least 24 hours in advance on openssl-project. Just an idea. Matthias Am 21.03.2018 um 21:48 schrieb Salz, Rich: > Yes, that is a good idea! > > On 3/21/18, 4:29 PM, "Matt Caswell"wrote: > > > > On 21/03/18 20:23, Dr. Matthias St. Pierre wrote: > > Not that it's my business, but IMHO it might be sensible to loosen the > > freeze for TLS 1.3 related changes in general, since that hasn't been > > finalized yet. So instead of starting a vote for every pull request in > > question, you could also vote about an exceptional rule like the > following: > > > > A pull request that introduces a new feature can be merged regardless of > > the feature freeze, if it is related to TLS 1.3, and approved by at > > least 3 OMC members (without veto, of course) > > I think that's not a bad idea. See also: > > https://github.com/openssl/openssl/pull/5227 > > Matt > > > > > Matthias > > > > Am 21.03.2018 um 13:54 schrieb Salz, Rich: > >> > >> https://github.com/openssl/openssl/pull/5702 > >> > >> > >> > >> It is after our declared feature-freeze. I think we should allow this > >> PR. From the description: > >> > >> NSS 3.34 and boringssl have support for > "EXPORTER_SECRET" > >> > >> (https://bugzilla.mozilla.org/show_bug.cgi?id=1287711) > >> which is needed > >> > >> for QUIC 1-RTT decryption support in Wireshark. > >> > >> > >> > >> I don’t think there’s much need to discuss this. Other TLS stacks > >> have it, the most important debugging tool really wants it, and it’s > >> useful for debugging a very important protocol. I will start a vote > >> on Monday. > >> > >> > >> > > > > > > ___ > > openssl-project mailing list > > openssl-project@openssl.org > > https://mta.openssl.org/mailman/listinfo/openssl-project > > > ___ > openssl-project mailing list > openssl-project@openssl.org > https://mta.openssl.org/mailman/listinfo/openssl-project > > > ___ > openssl-project mailing list > openssl-project@openssl.org > https://mta.openssl.org/mailman/listinfo/openssl-project ___ openssl-project mailing list openssl-project@openssl.org https://mta.openssl.org/mailman/listinfo/openssl-project
Re: [openssl-project] Accept PR 5702 after the feature-freeze?
Yes, that is a good idea! On 3/21/18, 4:29 PM, "Matt Caswell"wrote: On 21/03/18 20:23, Dr. Matthias St. Pierre wrote: > Not that it's my business, but IMHO it might be sensible to loosen the > freeze for TLS 1.3 related changes in general, since that hasn't been > finalized yet. So instead of starting a vote for every pull request in > question, you could also vote about an exceptional rule like the following: > > A pull request that introduces a new feature can be merged regardless of > the feature freeze, if it is related to TLS 1.3, and approved by at > least 3 OMC members (without veto, of course) I think that's not a bad idea. See also: https://github.com/openssl/openssl/pull/5227 Matt > > Matthias > > Am 21.03.2018 um 13:54 schrieb Salz, Rich: >> >> https://github.com/openssl/openssl/pull/5702 >> >> >> >> It is after our declared feature-freeze. I think we should allow this >> PR. From the description: >> >> NSS 3.34 and boringssl have support for "EXPORTER_SECRET" >> >> (https://bugzilla.mozilla.org/show_bug.cgi?id=1287711) >> which is needed >> >> for QUIC 1-RTT decryption support in Wireshark. >> >> >> >> I don’t think there’s much need to discuss this. Other TLS stacks >> have it, the most important debugging tool really wants it, and it’s >> useful for debugging a very important protocol. I will start a vote >> on Monday. >> >> >> > > > ___ > openssl-project mailing list > openssl-project@openssl.org > https://mta.openssl.org/mailman/listinfo/openssl-project > ___ openssl-project mailing list openssl-project@openssl.org https://mta.openssl.org/mailman/listinfo/openssl-project ___ openssl-project mailing list openssl-project@openssl.org https://mta.openssl.org/mailman/listinfo/openssl-project
[openssl-project] Accept PR 5702 after the feature-freeze?
https://github.com/openssl/openssl/pull/5702 It is after our declared feature-freeze. I think we should allow this PR. From the description: NSS 3.34 and boringssl have support for "EXPORTER_SECRET" (https://bugzilla.mozilla.org/show_bug.cgi?id=1287711) which is needed for QUIC 1-RTT decryption support in Wireshark. I don’t think there’s much need to discuss this. Other TLS stacks have it, the most important debugging tool really wants it, and it’s useful for debugging a very important protocol. I will start a vote on Monday. ___ openssl-project mailing list openssl-project@openssl.org https://mta.openssl.org/mailman/listinfo/openssl-project