Re: [openssl-project] Milestones and the 1.1.1 release

2018-07-03 Thread Matt Caswell



On 02/07/18 18:36, Salz, Rich wrote:
> Thanks for finishing this off.
> 
> 
> https://github.com/openssl/openssl/issues?q=is%3Aopen+is%3Aissue+milestone%3A1.1.1
> 
> Are 6512 and 6396 the same, and closed because we made things more secure?

They may be the same, or maybe not. Almost certainly this is the result
of the SCA mitigations we've put in place. For 6512 @romen was going to
do some testing and report back, so I've pinged him.

For 6396 the answer may be to implement 6418 which should help quite a
lot. There is some doubt though whether we can get that in quickly
enough. Awaiting further input from @bbbrumley.

In both cases I think we should keep them open for now. I wouldn't
consider either as showstoppers though.

> 
> Is 6342 a python bug, they'll need to upgrade?

Maybe. Pinged @tiran for an update.

> 
> Is 6228 a foolscap issue?
> 

A comment in 6234 says that the foolscap issue was solved by setting
SSL_MODE_AUTO_RETRY on by default, so I closed this issue.

> I think we can close 6221 soon.

Probably, yes.

Matt
___
openssl-project mailing list
openssl-project@openssl.org
https://mta.openssl.org/mailman/listinfo/openssl-project


Re: [openssl-project] Milestones and the 1.1.1 release

2018-07-02 Thread Salz, Rich
Thanks for finishing this off.


https://github.com/openssl/openssl/issues?q=is%3Aopen+is%3Aissue+milestone%3A1.1.1

Are 6512 and 6396 the same, and closed because we made things more secure?

Is 6342 a python bug, they'll need to upgrade?

Is 6228 a foolscap issue?

I think we can close 6221 soon.

I will make a PR for 5037.



___
openssl-project mailing list
openssl-project@openssl.org
https://mta.openssl.org/mailman/listinfo/openssl-project


Re: [openssl-project] Milestones and the 1.1.1 release

2018-07-02 Thread Matt Caswell


On 27/06/18 16:10, Matt Caswell wrote:
> Well, no one has objected so far. I'm not around tomorrow and Friday to
> action this but, unless anyone shouts between now and then, I'll start
> doing this on Monday.

All issues have been reviewed and their milestones updated accordingly.
I also reviewed all issues that had no milestone assigned. That leaves
us with 18 open issues against the 1.1.1 milestone:

https://github.com/openssl/openssl/issues?q=is%3Aopen+is%3Aissue+milestone%3A1.1.1

IMO, getting these closed (or otherwise moved out of the 1.1.1
milestone) should be our priority focus area in the coming weeks.

Matt


> 
> Matt
> 
> 
> On 26/06/18 21:15, Matt Caswell wrote:
>>
>>
>> On 26/06/18 20:43, Salz, Rich wrote:
>>> That's interesting.  Would we put a bugfix in 1.1.0, not put the fix in 
>>> 1.1.1 until our first "a" release?
>>>
>>> Or are you saying that if it's in 1.1.0, then we don't have to fix it until 
>>> after 1.1.1 comes out?  That seems justifiable to me.
>>
>> The latter.
>>
>> I mean it doesn't *prevent* us from fixing something that's in both
>> 1.1.0 and 1.1.1 - but our focus should be on fixing issues that are
>> newly introduced in 1.1.1.
>>
>> Matt
>>
>>>
>>> On 6/26/18, 3:32 PM, "Matt Caswell"  wrote:
>>>
>>> 
>>> 
>>> On 26/06/18 18:18, Salz, Rich wrote:
>>> > So are you saying look at the 73 open issues at 
>>> https://github.com/openssl/openssl/milestone/9 and re-evaluate them?
>>> 
>>> Exactly. My guess is that a significant proportion of them also apply to
>>> 1.1.0 and therefore should not hold up the 1.1.1 release. At the moment
>>> though it is impossible to tell which are the high priority issues we
>>> should be focussing on.
>>> 
>>> Matt
>>> 
>>> 
>>> > 
>>> > 
>>> > 
>>> > On 6/26/18, 11:56 AM, "Matt Caswell"  wrote:
>>> > 
>>> > I'm thinking that we should maybe re-asses the current milestones 
>>> in github.
>>> > 
>>> > We currently use the following milestones:
>>> > 
>>> > Assessed - Anything against this milestone isn't relevant to the 
>>> 1.1.1
>>> > release (e.g. 1.0.2 specific issue)
>>> > 
>>> > 1.1.1 - This is relevant to the 1.1.1 release but may not be 
>>> specific to
>>> > it (e.g. an issue that affects both 1.1.1 and 1.1.0)
>>> > 
>>> > Post 1.1.1 - Feature request to be looked at once 1.1.1 is 
>>> released
>>> > 
>>> > 
>>> > I think we should re-asses everything currently against the 1.1.1
>>> > milestone so that anything which isn't specific to that release 
>>> gets
>>> > moved to the "Assessed" milestone.
>>> > 
>>> > At the moment its difficult to see the "wood for the trees" 
>>> between
>>> > issues which are newly introduced and those that are long 
>>> standing. In
>>> > terms of getting the 1.1.1 release out the door we should focus 
>>> on the
>>> > former.
>>> > 
>>> > Thoughts?
>>> > 
>>> > Matt
>>> > 
>>> > ___
>>> > openssl-project mailing list
>>> > openssl-project@openssl.org
>>> > https://mta.openssl.org/mailman/listinfo/openssl-project
>>> > 
>>> > 
>>> > ___
>>> > openssl-project mailing list
>>> > openssl-project@openssl.org
>>> > https://mta.openssl.org/mailman/listinfo/openssl-project
>>> > 
>>> ___
>>> openssl-project mailing list
>>> openssl-project@openssl.org
>>> https://mta.openssl.org/mailman/listinfo/openssl-project
>>>
>>> ___
>>> openssl-project mailing list
>>> openssl-project@openssl.org
>>> https://mta.openssl.org/mailman/listinfo/openssl-project
>>>
>> ___
>> openssl-project mailing list
>> openssl-project@openssl.org
>> https://mta.openssl.org/mailman/listinfo/openssl-project
>>
___
openssl-project mailing list
openssl-project@openssl.org
https://mta.openssl.org/mailman/listinfo/openssl-project

Re: [openssl-project] Milestones and the 1.1.1 release

2018-06-27 Thread Matt Caswell
Well, no one has objected so far. I'm not around tomorrow and Friday to
action this but, unless anyone shouts between now and then, I'll start
doing this on Monday.

Matt


On 26/06/18 21:15, Matt Caswell wrote:
> 
> 
> On 26/06/18 20:43, Salz, Rich wrote:
>> That's interesting.  Would we put a bugfix in 1.1.0, not put the fix in 
>> 1.1.1 until our first "a" release?
>>
>> Or are you saying that if it's in 1.1.0, then we don't have to fix it until 
>> after 1.1.1 comes out?  That seems justifiable to me.
> 
> The latter.
> 
> I mean it doesn't *prevent* us from fixing something that's in both
> 1.1.0 and 1.1.1 - but our focus should be on fixing issues that are
> newly introduced in 1.1.1.
> 
> Matt
> 
>>
>> On 6/26/18, 3:32 PM, "Matt Caswell"  wrote:
>>
>> 
>> 
>> On 26/06/18 18:18, Salz, Rich wrote:
>> > So are you saying look at the 73 open issues at 
>> https://github.com/openssl/openssl/milestone/9 and re-evaluate them?
>> 
>> Exactly. My guess is that a significant proportion of them also apply to
>> 1.1.0 and therefore should not hold up the 1.1.1 release. At the moment
>> though it is impossible to tell which are the high priority issues we
>> should be focussing on.
>> 
>> Matt
>> 
>> 
>> > 
>> > 
>> > 
>> > On 6/26/18, 11:56 AM, "Matt Caswell"  wrote:
>> > 
>> > I'm thinking that we should maybe re-asses the current milestones 
>> in github.
>> > 
>> > We currently use the following milestones:
>> > 
>> > Assessed - Anything against this milestone isn't relevant to the 
>> 1.1.1
>> > release (e.g. 1.0.2 specific issue)
>> > 
>> > 1.1.1 - This is relevant to the 1.1.1 release but may not be 
>> specific to
>> > it (e.g. an issue that affects both 1.1.1 and 1.1.0)
>> > 
>> > Post 1.1.1 - Feature request to be looked at once 1.1.1 is released
>> > 
>> > 
>> > I think we should re-asses everything currently against the 1.1.1
>> > milestone so that anything which isn't specific to that release 
>> gets
>> > moved to the "Assessed" milestone.
>> > 
>> > At the moment its difficult to see the "wood for the trees" between
>> > issues which are newly introduced and those that are long 
>> standing. In
>> > terms of getting the 1.1.1 release out the door we should focus on 
>> the
>> > former.
>> > 
>> > Thoughts?
>> > 
>> > Matt
>> > 
>> > ___
>> > openssl-project mailing list
>> > openssl-project@openssl.org
>> > https://mta.openssl.org/mailman/listinfo/openssl-project
>> > 
>> > 
>> > ___
>> > openssl-project mailing list
>> > openssl-project@openssl.org
>> > https://mta.openssl.org/mailman/listinfo/openssl-project
>> > 
>> ___
>> openssl-project mailing list
>> openssl-project@openssl.org
>> https://mta.openssl.org/mailman/listinfo/openssl-project
>>
>> ___
>> openssl-project mailing list
>> openssl-project@openssl.org
>> https://mta.openssl.org/mailman/listinfo/openssl-project
>>
> ___
> openssl-project mailing list
> openssl-project@openssl.org
> https://mta.openssl.org/mailman/listinfo/openssl-project
> 
___
openssl-project mailing list
openssl-project@openssl.org
https://mta.openssl.org/mailman/listinfo/openssl-project

Re: [openssl-project] Milestones and the 1.1.1 release

2018-06-26 Thread Matt Caswell


On 26/06/18 20:43, Salz, Rich wrote:
> That's interesting.  Would we put a bugfix in 1.1.0, not put the fix in 1.1.1 
> until our first "a" release?
> 
> Or are you saying that if it's in 1.1.0, then we don't have to fix it until 
> after 1.1.1 comes out?  That seems justifiable to me.

The latter.

I mean it doesn't *prevent* us from fixing something that's in both
1.1.0 and 1.1.1 - but our focus should be on fixing issues that are
newly introduced in 1.1.1.

Matt

> 
> On 6/26/18, 3:32 PM, "Matt Caswell"  wrote:
> 
> 
> 
> On 26/06/18 18:18, Salz, Rich wrote:
> > So are you saying look at the 73 open issues at 
> https://github.com/openssl/openssl/milestone/9 and re-evaluate them?
> 
> Exactly. My guess is that a significant proportion of them also apply to
> 1.1.0 and therefore should not hold up the 1.1.1 release. At the moment
> though it is impossible to tell which are the high priority issues we
> should be focussing on.
> 
> Matt
> 
> 
> > 
> > 
> > 
> > On 6/26/18, 11:56 AM, "Matt Caswell"  wrote:
> > 
> > I'm thinking that we should maybe re-asses the current milestones 
> in github.
> > 
> > We currently use the following milestones:
> > 
> > Assessed - Anything against this milestone isn't relevant to the 
> 1.1.1
> > release (e.g. 1.0.2 specific issue)
> > 
> > 1.1.1 - This is relevant to the 1.1.1 release but may not be 
> specific to
> > it (e.g. an issue that affects both 1.1.1 and 1.1.0)
> > 
> > Post 1.1.1 - Feature request to be looked at once 1.1.1 is released
> > 
> > 
> > I think we should re-asses everything currently against the 1.1.1
> > milestone so that anything which isn't specific to that release gets
> > moved to the "Assessed" milestone.
> > 
> > At the moment its difficult to see the "wood for the trees" between
> > issues which are newly introduced and those that are long standing. 
> In
> > terms of getting the 1.1.1 release out the door we should focus on 
> the
> > former.
> > 
> > Thoughts?
> > 
> > Matt
> > 
> > ___
> > openssl-project mailing list
> > openssl-project@openssl.org
> > https://mta.openssl.org/mailman/listinfo/openssl-project
> > 
> > 
> > ___
> > openssl-project mailing list
> > openssl-project@openssl.org
> > https://mta.openssl.org/mailman/listinfo/openssl-project
> > 
> ___
> openssl-project mailing list
> openssl-project@openssl.org
> https://mta.openssl.org/mailman/listinfo/openssl-project
> 
> ___
> openssl-project mailing list
> openssl-project@openssl.org
> https://mta.openssl.org/mailman/listinfo/openssl-project
> 
___
openssl-project mailing list
openssl-project@openssl.org
https://mta.openssl.org/mailman/listinfo/openssl-project

Re: [openssl-project] Milestones and the 1.1.1 release

2018-06-26 Thread Benjamin Kaduk
On Tue, Jun 26, 2018 at 07:43:45PM +, Salz, Rich wrote:
> That's interesting.  Would we put a bugfix in 1.1.0, not put the fix in 1.1.1 
> until our first "a" release?
> 
> Or are you saying that if it's in 1.1.0, then we don't have to fix it until 
> after 1.1.1 comes out?  That seems justifiable to me.

I assume the latter -- we feel obligated to fix regressions from 1.1.0 to
1.1.1 before finalizing 1.1.1, but bugs that are present in 1.1.0 can be
present in the 1.1.1 initial release (to be fixed in 1.1.1a and 1.1.0next).
(This is what I do for OpenAFS.)

-Ben
___
openssl-project mailing list
openssl-project@openssl.org
https://mta.openssl.org/mailman/listinfo/openssl-project


Re: [openssl-project] Milestones and the 1.1.1 release

2018-06-26 Thread Matt Caswell


On 26/06/18 18:18, Salz, Rich wrote:
> So are you saying look at the 73 open issues at 
> https://github.com/openssl/openssl/milestone/9 and re-evaluate them?

Exactly. My guess is that a significant proportion of them also apply to
1.1.0 and therefore should not hold up the 1.1.1 release. At the moment
though it is impossible to tell which are the high priority issues we
should be focussing on.

Matt


> 
> 
> 
> On 6/26/18, 11:56 AM, "Matt Caswell"  wrote:
> 
> I'm thinking that we should maybe re-asses the current milestones in 
> github.
> 
> We currently use the following milestones:
> 
> Assessed - Anything against this milestone isn't relevant to the 1.1.1
> release (e.g. 1.0.2 specific issue)
> 
> 1.1.1 - This is relevant to the 1.1.1 release but may not be specific to
> it (e.g. an issue that affects both 1.1.1 and 1.1.0)
> 
> Post 1.1.1 - Feature request to be looked at once 1.1.1 is released
> 
> 
> I think we should re-asses everything currently against the 1.1.1
> milestone so that anything which isn't specific to that release gets
> moved to the "Assessed" milestone.
> 
> At the moment its difficult to see the "wood for the trees" between
> issues which are newly introduced and those that are long standing. In
> terms of getting the 1.1.1 release out the door we should focus on the
> former.
> 
> Thoughts?
> 
> Matt
> 
> ___
> openssl-project mailing list
> openssl-project@openssl.org
> https://mta.openssl.org/mailman/listinfo/openssl-project
> 
> 
> ___
> openssl-project mailing list
> openssl-project@openssl.org
> https://mta.openssl.org/mailman/listinfo/openssl-project
> 
___
openssl-project mailing list
openssl-project@openssl.org
https://mta.openssl.org/mailman/listinfo/openssl-project

Re: [openssl-project] Milestones and the 1.1.1 release

2018-06-26 Thread Benjamin Kaduk
On Tue, Jun 26, 2018 at 04:56:26PM +0100, Matt Caswell wrote:
> I'm thinking that we should maybe re-asses the current milestones in github.
> 
> We currently use the following milestones:
> 
> Assessed - Anything against this milestone isn't relevant to the 1.1.1
> release (e.g. 1.0.2 specific issue)
> 
> 1.1.1 - This is relevant to the 1.1.1 release but may not be specific to
> it (e.g. an issue that affects both 1.1.1 and 1.1.0)
> 
> Post 1.1.1 - Feature request to be looked at once 1.1.1 is released
> 
> 
> I think we should re-asses everything currently against the 1.1.1
> milestone so that anything which isn't specific to that release gets
> moved to the "Assessed" milestone.
> 
> At the moment its difficult to see the "wood for the trees" between
> issues which are newly introduced and those that are long standing. In
> terms of getting the 1.1.1 release out the door we should focus on the
> former.
> 
> Thoughts?

If the choice is between your proposal and the current state, your proposal
seems better.  I don't want to start a bikeshed, so I'll try to leave the
discussion on the immediate topic which relates to getting 1.1.1 out the
door and not add in other things I'd like to see changed (but do not really
seem to be blocking 1.1.1).

-Ben
___
openssl-project mailing list
openssl-project@openssl.org
https://mta.openssl.org/mailman/listinfo/openssl-project


[openssl-project] Milestones and the 1.1.1 release

2018-06-26 Thread Matt Caswell
I'm thinking that we should maybe re-asses the current milestones in github.

We currently use the following milestones:

Assessed - Anything against this milestone isn't relevant to the 1.1.1
release (e.g. 1.0.2 specific issue)

1.1.1 - This is relevant to the 1.1.1 release but may not be specific to
it (e.g. an issue that affects both 1.1.1 and 1.1.0)

Post 1.1.1 - Feature request to be looked at once 1.1.1 is released


I think we should re-asses everything currently against the 1.1.1
milestone so that anything which isn't specific to that release gets
moved to the "Assessed" milestone.

At the moment its difficult to see the "wood for the trees" between
issues which are newly introduced and those that are long standing. In
terms of getting the 1.1.1 release out the door we should focus on the
former.

Thoughts?

Matt

___
openssl-project mailing list
openssl-project@openssl.org
https://mta.openssl.org/mailman/listinfo/openssl-project