Re: VOTE: Technical Items still to be done
On Thu, Oct 08, 2020 at 03:47:18PM +0100, Matt Caswell wrote: > topic: The following items are required prerequisites for the first beta > release: > 1) EVP is the recommended API, it must be feature-complete compared with > the functionality available using lower-level APIs. >- Anything that isn’t available must be put to an OTC vote to exclude. >- The apps are the minimum bar for this, subject to exceptions noted > below. > 2) Deprecation List Proposal: DH_, DSA_, ECDH_, ECDSA_, EC_KEY_, RSA_, > RAND_METHOD_. >- Does not include macros defining useful constants (e.g. > SHA512_DIGEST_LENGTH). >- Excluded from Deprecation: `EC_`, `DSA_SIG_`, `ECDSA_SIG_`. >- There might be some others. >- Review for exceptions. >- The apps are the minimum bar to measure feature completeness for > the EVP > interface: rewrite them so they do not use internal nor deprecated > functions (except speed, engine, list, passwd -crypt and the code > to handle > the -engine CLI option). That is, remove the suppression of deprecated > define. > - Proposal: drop passwd -crypt (OMC vote required) >- Compile and link 1.1.1 command line app against the master headers and > library. Run 1.1.1 app test cases against the chimera. Treat this > as an > external test using a special 1.1.1 branch. Deprecated functions > used by > libssl should be moved to independent file(s), to limit the > suppression of > deprecated defines to the absolute minimum scope. > 3) Draft documentation (contents but not pretty) >- Need a list of things we know are not present - including things we > have > removed. >- We need to have mapping tables for various d2i/i2d functions. >- We need to have a mapping table from “old names” for things into the > OSSL_PARAMS names. > - Documentation addition to old APIs to refer to new ones (man7). > - Documentation needs to reference name mapping. > - All the legacy interfaces need to have their documentation > pointing to >the replacement interfaces. > 4) Review (and maybe clean up) legacy bridge code. > 5) Review TODO(3.0) items #12224. > 6) Source checksum script. > 7) Review of functions previously named _with_libctx. > 8) Encoder fixes (PKCS#8, PKCS#1, etc). > 9) Encoder DER to PEM refactor. > 10) Builds and passes tests on all primary, secondary and FIPS platforms. > 11) Query provider parameters (name, version, ...) from the command line. > 12) Setup buildbot infrastructure and associated instructions. > 13) Complete make fipsinstall. > 14) More specific decoding selection (e.g. params or keys). > 15) Example code covering replacements for deprecated APIs. > 16) Drop C code output options from the apps (OMC approval required). > 17) Address issues and PRs in the 3.0beta1 milestone. > Proposed by . > Public: yes > opened: 2020-10-08 -1 I think we can delay some of that work until 3.1. Kurt
Re: VOTE: Technical Items still to be done
I have just close this vote. The final result was: accepted: yes (for: 8, against: 0, abstained: 0, not voted: 3) Matt On 08/10/2020 15:47, Matt Caswell wrote: > topic: The following items are required prerequisites for the first beta > release: > 1) EVP is the recommended API, it must be feature-complete compared with > the functionality available using lower-level APIs. >- Anything that isn’t available must be put to an OTC vote to exclude. >- The apps are the minimum bar for this, subject to exceptions noted > below. > 2) Deprecation List Proposal: DH_, DSA_, ECDH_, ECDSA_, EC_KEY_, RSA_, > RAND_METHOD_. >- Does not include macros defining useful constants (e.g. > SHA512_DIGEST_LENGTH). >- Excluded from Deprecation: `EC_`, `DSA_SIG_`, `ECDSA_SIG_`. >- There might be some others. >- Review for exceptions. >- The apps are the minimum bar to measure feature completeness for > the EVP > interface: rewrite them so they do not use internal nor deprecated > functions (except speed, engine, list, passwd -crypt and the code > to handle > the -engine CLI option). That is, remove the suppression of deprecated > define. > - Proposal: drop passwd -crypt (OMC vote required) >- Compile and link 1.1.1 command line app against the master headers and > library. Run 1.1.1 app test cases against the chimera. Treat this > as an > external test using a special 1.1.1 branch. Deprecated functions > used by > libssl should be moved to independent file(s), to limit the > suppression of > deprecated defines to the absolute minimum scope. > 3) Draft documentation (contents but not pretty) >- Need a list of things we know are not present - including things we > have > removed. >- We need to have mapping tables for various d2i/i2d functions. >- We need to have a mapping table from “old names” for things into the > OSSL_PARAMS names. > - Documentation addition to old APIs to refer to new ones (man7). > - Documentation needs to reference name mapping. > - All the legacy interfaces need to have their documentation > pointing to >the replacement interfaces. > 4) Review (and maybe clean up) legacy bridge code. > 5) Review TODO(3.0) items #12224. > 6) Source checksum script. > 7) Review of functions previously named _with_libctx. > 8) Encoder fixes (PKCS#8, PKCS#1, etc). > 9) Encoder DER to PEM refactor. > 10) Builds and passes tests on all primary, secondary and FIPS platforms. > 11) Query provider parameters (name, version, ...) from the command line. > 12) Setup buildbot infrastructure and associated instructions. > 13) Complete make fipsinstall. > 14) More specific decoding selection (e.g. params or keys). > 15) Example code covering replacements for deprecated APIs. > 16) Drop C code output options from the apps (OMC approval required). > 17) Address issues and PRs in the 3.0beta1 milestone. > Proposed by . > Public: yes > opened: 2020-10-08 > closed: 2020-mm-dd > accepted: yes/no (for: X, against: Y, abstained: Z, not voted: T) > > Matt [+1] > Mark [ ] > Pauli [ ] > Viktor [ ] > Tim[ ] > Richard[ ] > Shane [ ] > Tomas [ ] > Kurt [ ] > Matthias [ ] > Nicola [ ] >
Re: VOTE: Technical Items still to be done
+1 As for "EVP is the recommended API", I hope that everyone understands this to be for crypto functionality (hash functions, cipher functions, EVP_PKEY functions, MAC functions, KDF functions), not *everything*. On Thu, 08 Oct 2020 16:47:18 +0200, Matt Caswell wrote: > > topic: The following items are required prerequisites for the first beta > release: > 1) EVP is the recommended API, it must be feature-complete compared with > the functionality available using lower-level APIs. >- Anything that isn’t available must be put to an OTC vote to exclude. >- The apps are the minimum bar for this, subject to exceptions noted > below. > 2) Deprecation List Proposal: DH_, DSA_, ECDH_, ECDSA_, EC_KEY_, RSA_, > RAND_METHOD_. >- Does not include macros defining useful constants (e.g. > SHA512_DIGEST_LENGTH). >- Excluded from Deprecation: `EC_`, `DSA_SIG_`, `ECDSA_SIG_`. >- There might be some others. >- Review for exceptions. >- The apps are the minimum bar to measure feature completeness for > the EVP > interface: rewrite them so they do not use internal nor deprecated > functions (except speed, engine, list, passwd -crypt and the code > to handle > the -engine CLI option). That is, remove the suppression of deprecated > define. > - Proposal: drop passwd -crypt (OMC vote required) >- Compile and link 1.1.1 command line app against the master headers and > library. Run 1.1.1 app test cases against the chimera. Treat this > as an > external test using a special 1.1.1 branch. Deprecated functions > used by > libssl should be moved to independent file(s), to limit the > suppression of > deprecated defines to the absolute minimum scope. > 3) Draft documentation (contents but not pretty) >- Need a list of things we know are not present - including things we > have > removed. >- We need to have mapping tables for various d2i/i2d functions. >- We need to have a mapping table from “old names” for things into the > OSSL_PARAMS names. > - Documentation addition to old APIs to refer to new ones (man7). > - Documentation needs to reference name mapping. > - All the legacy interfaces need to have their documentation > pointing to >the replacement interfaces. > 4) Review (and maybe clean up) legacy bridge code. > 5) Review TODO(3.0) items #12224. > 6) Source checksum script. > 7) Review of functions previously named _with_libctx. > 8) Encoder fixes (PKCS#8, PKCS#1, etc). > 9) Encoder DER to PEM refactor. > 10) Builds and passes tests on all primary, secondary and FIPS platforms. > 11) Query provider parameters (name, version, ...) from the command line. > 12) Setup buildbot infrastructure and associated instructions. > 13) Complete make fipsinstall. > 14) More specific decoding selection (e.g. params or keys). > 15) Example code covering replacements for deprecated APIs. > 16) Drop C code output options from the apps (OMC approval required). > 17) Address issues and PRs in the 3.0beta1 milestone. > Proposed by . > Public: yes > opened: 2020-10-08 > closed: 2020-mm-dd > accepted: yes/no (for: X, against: Y, abstained: Z, not voted: T) > > Matt [+1] > Mark [ ] > Pauli [ ] > Viktor [ ] > Tim[ ] > Richard[ ] > Shane [ ] > Tomas [ ] > Kurt [ ] > Matthias [ ] > Nicola [ ] > -- Richard Levitte levi...@openssl.org OpenSSL Project http://www.openssl.org/~levitte/
Re: VOTE: Technical Items still to be done
+1 > On 9 Oct 2020, at 12:47 am, Matt Caswell wrote: > > topic: The following items are required prerequisites for the first beta > release: > 1) EVP is the recommended API, it must be feature-complete compared with >the functionality available using lower-level APIs. > - Anything that isn’t available must be put to an OTC vote to exclude. > - The apps are the minimum bar for this, subject to exceptions noted > below. > 2) Deprecation List Proposal: DH_, DSA_, ECDH_, ECDSA_, EC_KEY_, RSA_, >RAND_METHOD_. > - Does not include macros defining useful constants (e.g. > SHA512_DIGEST_LENGTH). > - Excluded from Deprecation: `EC_`, `DSA_SIG_`, `ECDSA_SIG_`. > - There might be some others. > - Review for exceptions. > - The apps are the minimum bar to measure feature completeness for > the EVP > interface: rewrite them so they do not use internal nor deprecated > functions (except speed, engine, list, passwd -crypt and the code > to handle > the -engine CLI option). That is, remove the suppression of deprecated > define. > - Proposal: drop passwd -crypt (OMC vote required) > - Compile and link 1.1.1 command line app against the master headers and > library. Run 1.1.1 app test cases against the chimera. Treat this > as an > external test using a special 1.1.1 branch. Deprecated functions > used by > libssl should be moved to independent file(s), to limit the > suppression of > deprecated defines to the absolute minimum scope. > 3) Draft documentation (contents but not pretty) > - Need a list of things we know are not present - including things we > have > removed. > - We need to have mapping tables for various d2i/i2d functions. > - We need to have a mapping table from “old names” for things into the > OSSL_PARAMS names. > - Documentation addition to old APIs to refer to new ones (man7). > - Documentation needs to reference name mapping. > - All the legacy interfaces need to have their documentation > pointing to > the replacement interfaces. > 4) Review (and maybe clean up) legacy bridge code. > 5) Review TODO(3.0) items #12224. > 6) Source checksum script. > 7) Review of functions previously named _with_libctx. > 8) Encoder fixes (PKCS#8, PKCS#1, etc). > 9) Encoder DER to PEM refactor. > 10) Builds and passes tests on all primary, secondary and FIPS platforms. > 11) Query provider parameters (name, version, ...) from the command line. > 12) Setup buildbot infrastructure and associated instructions. > 13) Complete make fipsinstall. > 14) More specific decoding selection (e.g. params or keys). > 15) Example code covering replacements for deprecated APIs. > 16) Drop C code output options from the apps (OMC approval required). > 17) Address issues and PRs in the 3.0beta1 milestone. > Proposed by . > Public: yes > opened: 2020-10-08 > closed: 2020-mm-dd > accepted: yes/no (for: X, against: Y, abstained: Z, not voted: T) > > Matt [+1] > Mark [ ] > Pauli [ ] > Viktor [ ] > Tim[ ] > Richard[ ] > Shane [ ] > Tomas [ ] > Kurt [ ] > Matthias [ ] > Nicola [ ]
Re: VOTE: Technical Items still to be done
[to the project list this time] +1 Pauli -- Dr Paul Dale | Distinguished Architect | Cryptographic Foundations Phone +61 7 3031 7217 Oracle Australia > On 9 Oct 2020, at 12:47 am, Matt Caswell wrote: > > topic: The following items are required prerequisites for the first beta > release: > 1) EVP is the recommended API, it must be feature-complete compared with >the functionality available using lower-level APIs. > - Anything that isn’t available must be put to an OTC vote to exclude. > - The apps are the minimum bar for this, subject to exceptions noted > below. > 2) Deprecation List Proposal: DH_, DSA_, ECDH_, ECDSA_, EC_KEY_, RSA_, >RAND_METHOD_. > - Does not include macros defining useful constants (e.g. > SHA512_DIGEST_LENGTH). > - Excluded from Deprecation: `EC_`, `DSA_SIG_`, `ECDSA_SIG_`. > - There might be some others. > - Review for exceptions. > - The apps are the minimum bar to measure feature completeness for > the EVP > interface: rewrite them so they do not use internal nor deprecated > functions (except speed, engine, list, passwd -crypt and the code > to handle > the -engine CLI option). That is, remove the suppression of deprecated > define. > - Proposal: drop passwd -crypt (OMC vote required) > - Compile and link 1.1.1 command line app against the master headers and > library. Run 1.1.1 app test cases against the chimera. Treat this > as an > external test using a special 1.1.1 branch. Deprecated functions > used by > libssl should be moved to independent file(s), to limit the > suppression of > deprecated defines to the absolute minimum scope. > 3) Draft documentation (contents but not pretty) > - Need a list of things we know are not present - including things we > have > removed. > - We need to have mapping tables for various d2i/i2d functions. > - We need to have a mapping table from “old names” for things into the > OSSL_PARAMS names. > - Documentation addition to old APIs to refer to new ones (man7). > - Documentation needs to reference name mapping. > - All the legacy interfaces need to have their documentation > pointing to > the replacement interfaces. > 4) Review (and maybe clean up) legacy bridge code. > 5) Review TODO(3.0) items #12224. > 6) Source checksum script. > 7) Review of functions previously named _with_libctx. > 8) Encoder fixes (PKCS#8, PKCS#1, etc). > 9) Encoder DER to PEM refactor. > 10) Builds and passes tests on all primary, secondary and FIPS platforms. > 11) Query provider parameters (name, version, ...) from the command line. > 12) Setup buildbot infrastructure and associated instructions. > 13) Complete make fipsinstall. > 14) More specific decoding selection (e.g. params or keys). > 15) Example code covering replacements for deprecated APIs. > 16) Drop C code output options from the apps (OMC approval required). > 17) Address issues and PRs in the 3.0beta1 milestone. > Proposed by . > Public: yes > opened: 2020-10-08 > closed: 2020-mm-dd > accepted: yes/no (for: X, against: Y, abstained: Z, not voted: T) > > Matt [+1] > Mark [ ] > Pauli [ ] > Viktor [ ] > Tim[ ] > Richard[ ] > Shane [ ] > Tomas [ ] > Kurt [ ] > Matthias [ ] > Nicola [ ]
RE: VOTE: Technical Items still to be done
+1 > -Original Message- > From: openssl-project On Behalf Of > Tomas Mraz > Sent: Thursday, October 8, 2020 6:21 PM > To: Matt Caswell ; openssl-project@openssl.org > Subject: Re: VOTE: Technical Items still to be done > > +1 > > On Thu, 2020-10-08 at 15:47 +0100, Matt Caswell wrote: > > topic: The following items are required prerequisites for the first > > beta > > release: > > 1) EVP is the recommended API, it must be feature-complete compared > > with > > the functionality available using lower-level APIs. > >- Anything that isn’t available must be put to an OTC vote to > > exclude. > >- The apps are the minimum bar for this, subject to exceptions > > noted > > below. > > 2) Deprecation List Proposal: DH_, DSA_, ECDH_, ECDSA_, EC_KEY_, > > RSA_, > > RAND_METHOD_. > >- Does not include macros defining useful constants (e.g. > > SHA512_DIGEST_LENGTH). > >- Excluded from Deprecation: `EC_`, `DSA_SIG_`, `ECDSA_SIG_`. > >- There might be some others. > >- Review for exceptions. > >- The apps are the minimum bar to measure feature completeness for > > the EVP > > interface: rewrite them so they do not use internal nor > > deprecated > > functions (except speed, engine, list, passwd -crypt and the > > code > > to handle > > the -engine CLI option). That is, remove the suppression of > > deprecated > > define. > > - Proposal: drop passwd -crypt (OMC vote required) > >- Compile and link 1.1.1 command line app against the master > > headers and > > library. Run 1.1.1 app test cases against the chimera. Treat > > this > > as an > > external test using a special 1.1.1 branch. Deprecated functions > > used by > > libssl should be moved to independent file(s), to limit the > > suppression of > > deprecated defines to the absolute minimum scope. > > 3) Draft documentation (contents but not pretty) > >- Need a list of things we know are not present - including things > > we > > have > > removed. > >- We need to have mapping tables for various d2i/i2d functions. > >- We need to have a mapping table from “old names” for things into > > the > > OSSL_PARAMS names. > > - Documentation addition to old APIs to refer to new ones > > (man7). > > - Documentation needs to reference name mapping. > > - All the legacy interfaces need to have their documentation > > pointing to > >the replacement interfaces. > > 4) Review (and maybe clean up) legacy bridge code. > > 5) Review TODO(3.0) items #12224. > > 6) Source checksum script. > > 7) Review of functions previously named _with_libctx. > > 8) Encoder fixes (PKCS#8, PKCS#1, etc). > > 9) Encoder DER to PEM refactor. > > 10) Builds and passes tests on all primary, secondary and FIPS > > platforms. > > 11) Query provider parameters (name, version, ...) from the command > > line. > > 12) Setup buildbot infrastructure and associated instructions. > > 13) Complete make fipsinstall. > > 14) More specific decoding selection (e.g. params or keys). > > 15) Example code covering replacements for deprecated APIs. > > 16) Drop C code output options from the apps (OMC approval required). > > 17) Address issues and PRs in the 3.0beta1 milestone. > > Proposed by . > > Public: yes > > opened: 2020-10-08 > > closed: 2020-mm-dd > > accepted: yes/no (for: X, against: Y, abstained: Z, not voted: T) > > > > Matt [+1] > > Mark [ ] > > Pauli [ ] > > Viktor [ ] > > Tim[ ] > > Richard[ ] > > Shane [ ] > > Tomas [ ] > > Kurt [ ] > > Matthias [ ] > > Nicola [ ] > -- > Tomáš Mráz > No matter how far down the wrong road you've gone, turn back. > Turkish proverb > [You'll know whether the road is wrong if you carefully listen to your > conscience.]
Re: VOTE: Technical Items still to be done
+1 On Thu, 2020-10-08 at 15:47 +0100, Matt Caswell wrote: > topic: The following items are required prerequisites for the first > beta > release: > 1) EVP is the recommended API, it must be feature-complete compared > with > the functionality available using lower-level APIs. >- Anything that isn’t available must be put to an OTC vote to > exclude. >- The apps are the minimum bar for this, subject to exceptions > noted > below. > 2) Deprecation List Proposal: DH_, DSA_, ECDH_, ECDSA_, EC_KEY_, > RSA_, > RAND_METHOD_. >- Does not include macros defining useful constants (e.g. > SHA512_DIGEST_LENGTH). >- Excluded from Deprecation: `EC_`, `DSA_SIG_`, `ECDSA_SIG_`. >- There might be some others. >- Review for exceptions. >- The apps are the minimum bar to measure feature completeness for > the EVP > interface: rewrite them so they do not use internal nor > deprecated > functions (except speed, engine, list, passwd -crypt and the > code > to handle > the -engine CLI option). That is, remove the suppression of > deprecated > define. > - Proposal: drop passwd -crypt (OMC vote required) >- Compile and link 1.1.1 command line app against the master > headers and > library. Run 1.1.1 app test cases against the chimera. Treat > this > as an > external test using a special 1.1.1 branch. Deprecated functions > used by > libssl should be moved to independent file(s), to limit the > suppression of > deprecated defines to the absolute minimum scope. > 3) Draft documentation (contents but not pretty) >- Need a list of things we know are not present - including things > we > have > removed. >- We need to have mapping tables for various d2i/i2d functions. >- We need to have a mapping table from “old names” for things into > the > OSSL_PARAMS names. > - Documentation addition to old APIs to refer to new ones > (man7). > - Documentation needs to reference name mapping. > - All the legacy interfaces need to have their documentation > pointing to >the replacement interfaces. > 4) Review (and maybe clean up) legacy bridge code. > 5) Review TODO(3.0) items #12224. > 6) Source checksum script. > 7) Review of functions previously named _with_libctx. > 8) Encoder fixes (PKCS#8, PKCS#1, etc). > 9) Encoder DER to PEM refactor. > 10) Builds and passes tests on all primary, secondary and FIPS > platforms. > 11) Query provider parameters (name, version, ...) from the command > line. > 12) Setup buildbot infrastructure and associated instructions. > 13) Complete make fipsinstall. > 14) More specific decoding selection (e.g. params or keys). > 15) Example code covering replacements for deprecated APIs. > 16) Drop C code output options from the apps (OMC approval required). > 17) Address issues and PRs in the 3.0beta1 milestone. > Proposed by . > Public: yes > opened: 2020-10-08 > closed: 2020-mm-dd > accepted: yes/no (for: X, against: Y, abstained: Z, not voted: T) > > Matt [+1] > Mark [ ] > Pauli [ ] > Viktor [ ] > Tim[ ] > Richard[ ] > Shane [ ] > Tomas [ ] > Kurt [ ] > Matthias [ ] > Nicola [ ] -- Tomáš Mráz No matter how far down the wrong road you've gone, turn back. Turkish proverb [You'll know whether the road is wrong if you carefully listen to your conscience.]
Re: VOTE: Technical Items still to be done
+1 Tim. On Fri, Oct 9, 2020 at 12:47 AM Matt Caswell wrote: > topic: The following items are required prerequisites for the first beta > release: > 1) EVP is the recommended API, it must be feature-complete compared with > the functionality available using lower-level APIs. >- Anything that isn’t available must be put to an OTC vote to exclude. >- The apps are the minimum bar for this, subject to exceptions noted > below. > 2) Deprecation List Proposal: DH_, DSA_, ECDH_, ECDSA_, EC_KEY_, RSA_, > RAND_METHOD_. >- Does not include macros defining useful constants (e.g. > SHA512_DIGEST_LENGTH). >- Excluded from Deprecation: `EC_`, `DSA_SIG_`, `ECDSA_SIG_`. >- There might be some others. >- Review for exceptions. >- The apps are the minimum bar to measure feature completeness for > the EVP > interface: rewrite them so they do not use internal nor deprecated > functions (except speed, engine, list, passwd -crypt and the code > to handle > the -engine CLI option). That is, remove the suppression of > deprecated > define. > - Proposal: drop passwd -crypt (OMC vote required) >- Compile and link 1.1.1 command line app against the master headers and > library. Run 1.1.1 app test cases against the chimera. Treat this > as an > external test using a special 1.1.1 branch. Deprecated functions > used by > libssl should be moved to independent file(s), to limit the > suppression of > deprecated defines to the absolute minimum scope. > 3) Draft documentation (contents but not pretty) >- Need a list of things we know are not present - including things we > have > removed. >- We need to have mapping tables for various d2i/i2d functions. >- We need to have a mapping table from “old names” for things into the > OSSL_PARAMS names. > - Documentation addition to old APIs to refer to new ones (man7). > - Documentation needs to reference name mapping. > - All the legacy interfaces need to have their documentation > pointing to >the replacement interfaces. > 4) Review (and maybe clean up) legacy bridge code. > 5) Review TODO(3.0) items #12224. > 6) Source checksum script. > 7) Review of functions previously named _with_libctx. > 8) Encoder fixes (PKCS#8, PKCS#1, etc). > 9) Encoder DER to PEM refactor. > 10) Builds and passes tests on all primary, secondary and FIPS platforms. > 11) Query provider parameters (name, version, ...) from the command line. > 12) Setup buildbot infrastructure and associated instructions. > 13) Complete make fipsinstall. > 14) More specific decoding selection (e.g. params or keys). > 15) Example code covering replacements for deprecated APIs. > 16) Drop C code output options from the apps (OMC approval required). > 17) Address issues and PRs in the 3.0beta1 milestone. > Proposed by . > Public: yes > opened: 2020-10-08 > closed: 2020-mm-dd > accepted: yes/no (for: X, against: Y, abstained: Z, not voted: T) > > Matt [+1] > Mark [ ] > Pauli [ ] > Viktor [ ] > Tim[ ] > Richard[ ] > Shane [ ] > Tomas [ ] > Kurt [ ] > Matthias [ ] > Nicola [ ] >
Re: VOTE: Technical Items still to be done
Note that Nicola pointed out a formatting error in the vote text. The last sub-bullet under point 2 is actually 2 different sub-bullets that got merged together, i.e. - Compile and link 1.1.1 command line app against the master headers and library. Run 1.1.1 app test cases against the chimera. Treat this as an external test using a special 1.1.1 branch. - Deprecated functions used by libssl should be moved to independent file(s), to limit the suppression of deprecated defines to the absolute minimum scope. Since this is formatting only I don't think it affects the vote. I've corrected it in votes.txt. Matt On 08/10/2020 15:47, Matt Caswell wrote: > topic: The following items are required prerequisites for the first beta > release: > 1) EVP is the recommended API, it must be feature-complete compared with > the functionality available using lower-level APIs. >- Anything that isn’t available must be put to an OTC vote to exclude. >- The apps are the minimum bar for this, subject to exceptions noted > below. > 2) Deprecation List Proposal: DH_, DSA_, ECDH_, ECDSA_, EC_KEY_, RSA_, > RAND_METHOD_. >- Does not include macros defining useful constants (e.g. > SHA512_DIGEST_LENGTH). >- Excluded from Deprecation: `EC_`, `DSA_SIG_`, `ECDSA_SIG_`. >- There might be some others. >- Review for exceptions. >- The apps are the minimum bar to measure feature completeness for > the EVP > interface: rewrite them so they do not use internal nor deprecated > functions (except speed, engine, list, passwd -crypt and the code > to handle > the -engine CLI option). That is, remove the suppression of deprecated > define. > - Proposal: drop passwd -crypt (OMC vote required) >- Compile and link 1.1.1 command line app against the master headers and > library. Run 1.1.1 app test cases against the chimera. Treat this > as an > external test using a special 1.1.1 branch. Deprecated functions > used by > libssl should be moved to independent file(s), to limit the > suppression of > deprecated defines to the absolute minimum scope. > 3) Draft documentation (contents but not pretty) >- Need a list of things we know are not present - including things we > have > removed. >- We need to have mapping tables for various d2i/i2d functions. >- We need to have a mapping table from “old names” for things into the > OSSL_PARAMS names. > - Documentation addition to old APIs to refer to new ones (man7). > - Documentation needs to reference name mapping. > - All the legacy interfaces need to have their documentation > pointing to >the replacement interfaces. > 4) Review (and maybe clean up) legacy bridge code. > 5) Review TODO(3.0) items #12224. > 6) Source checksum script. > 7) Review of functions previously named _with_libctx. > 8) Encoder fixes (PKCS#8, PKCS#1, etc). > 9) Encoder DER to PEM refactor. > 10) Builds and passes tests on all primary, secondary and FIPS platforms. > 11) Query provider parameters (name, version, ...) from the command line. > 12) Setup buildbot infrastructure and associated instructions. > 13) Complete make fipsinstall. > 14) More specific decoding selection (e.g. params or keys). > 15) Example code covering replacements for deprecated APIs. > 16) Drop C code output options from the apps (OMC approval required). > 17) Address issues and PRs in the 3.0beta1 milestone. > Proposed by . > Public: yes > opened: 2020-10-08 > closed: 2020-mm-dd > accepted: yes/no (for: X, against: Y, abstained: Z, not voted: T) > > Matt [+1] > Mark [ ] > Pauli [ ] > Viktor [ ] > Tim[ ] > Richard[ ] > Shane [ ] > Tomas [ ] > Kurt [ ] > Matthias [ ] > Nicola [ ] >
Re: VOTE: Technical Items still to be done
+1 On Thu, 8 Oct 2020 at 17:47, Matt Caswell wrote: > > topic: The following items are required prerequisites for the first beta > release: > 1) EVP is the recommended API, it must be feature-complete compared with > the functionality available using lower-level APIs. >- Anything that isn’t available must be put to an OTC vote to exclude. >- The apps are the minimum bar for this, subject to exceptions noted > below. > 2) Deprecation List Proposal: DH_, DSA_, ECDH_, ECDSA_, EC_KEY_, RSA_, > RAND_METHOD_. >- Does not include macros defining useful constants (e.g. > SHA512_DIGEST_LENGTH). >- Excluded from Deprecation: `EC_`, `DSA_SIG_`, `ECDSA_SIG_`. >- There might be some others. >- Review for exceptions. >- The apps are the minimum bar to measure feature completeness for > the EVP > interface: rewrite them so they do not use internal nor deprecated > functions (except speed, engine, list, passwd -crypt and the code > to handle > the -engine CLI option). That is, remove the suppression of deprecated > define. > - Proposal: drop passwd -crypt (OMC vote required) >- Compile and link 1.1.1 command line app against the master headers and > library. Run 1.1.1 app test cases against the chimera. Treat this > as an > external test using a special 1.1.1 branch. Deprecated functions > used by > libssl should be moved to independent file(s), to limit the > suppression of > deprecated defines to the absolute minimum scope. > 3) Draft documentation (contents but not pretty) >- Need a list of things we know are not present - including things we > have > removed. >- We need to have mapping tables for various d2i/i2d functions. >- We need to have a mapping table from “old names” for things into the > OSSL_PARAMS names. > - Documentation addition to old APIs to refer to new ones (man7). > - Documentation needs to reference name mapping. > - All the legacy interfaces need to have their documentation > pointing to >the replacement interfaces. > 4) Review (and maybe clean up) legacy bridge code. > 5) Review TODO(3.0) items #12224. > 6) Source checksum script. > 7) Review of functions previously named _with_libctx. > 8) Encoder fixes (PKCS#8, PKCS#1, etc). > 9) Encoder DER to PEM refactor. > 10) Builds and passes tests on all primary, secondary and FIPS platforms. > 11) Query provider parameters (name, version, ...) from the command line. > 12) Setup buildbot infrastructure and associated instructions. > 13) Complete make fipsinstall. > 14) More specific decoding selection (e.g. params or keys). > 15) Example code covering replacements for deprecated APIs. > 16) Drop C code output options from the apps (OMC approval required). > 17) Address issues and PRs in the 3.0beta1 milestone. > Proposed by . > Public: yes > opened: 2020-10-08 > closed: 2020-mm-dd > accepted: yes/no (for: X, against: Y, abstained: Z, not voted: T) > > Matt [+1] > Mark [ ] > Pauli [ ] > Viktor [ ] > Tim[ ] > Richard[ ] > Shane [ ] > Tomas [ ] > Kurt [ ] > Matthias [ ] > Nicola [ ]