1 Meeting Date: 2023-03-21
2 Minutes taken by: Hugo Landau
20 * Nominate a minute taker and confirm agenda
21 * Agree minutes from previous meeting
22 * Review outstanding actions
23 * Discussion on #20436 (--strict-warnings)
24 * Review issues with OTC hold (30 minutes)
25 * Review outstanding security issues
26 * Review draft technical policies
27 * Review draft technical policies: presentation on design policy
28 * Agree agenda for next meeting
31 ** Nominate a minute taker and confirm agenda
33 Hugo volunteered to take the minutes.
34 Proposed: Hugo, seconded: Matt
36 Agenda for the meeting agreed. Proposed: Hugo, seconded: Matt
38 ** Agree minutes from previous meeting
40 Minutes from previous meeting were agreed. Proposed: Hugo, seconded: Paul
42 ** Review outstanding actions
44 AI: Richard to create instructions on how to add an OTC member.
47 AI: Matt to create a proposal on return values and return value types for new code.
50 AI: Hugo to update the EC compression compatibility testing PR
51 to test fewer curves. Use original commit message for Nicola's
55 AI: Hugo to propose possible solutions to make BIO_dgram more safe
58 AI: Hugo to investigate getting the DDD demos working with
62 AI: OTC to read Stephen's proposed API changes for ECH
65 AI: Matt to gather more information on the costs and resources
66 which would be required to organise an OTC F2F, send questionairre
70 AI: Richard to add something to the security process about adding CVE IDs to
71 commits; to mention fixes and related trailers
74 AI: Richard to consider if we can make the security process public.
77 AI: Richard to make the security process public.
79 AI: OTC to review the updated new design process policy proposal
82 AI: Richard to do a writeup on the background of issue #20497
85 ** Discussion on #20436 (--strict-warnings)
87 OTC: We should fix the header in all branches (3.0/3.1/master).
89 ** Review issues with OTC hold (30 minutes)
91 #20416: Improve the performance of d2i_AutoPrivateKey and friends
92 OTC: This can be merged.
94 #20501: fixing up EVP_PKEY_get_id for providers
95 OTC: This should not be merged. We should fix the documentation.
96 The same documentation fix should be done for equivalent functions for
99 #20521: fips: implement 140-3 IG DR
100 Should we merge this to 3.1 as well as master?
101 OTC: We are allowing this in 3.1. The default should be keeping the old
104 AI: Tomas to update stable release updates policy to allow non-breaking changes
105 required for FIPS compliance
107 ** Review outstanding security issues
109 We discussed outstanding security issues.
111 ** Review draft technical policies: presentation on design policy
113 We will start a vote on the design policy proposal on the 11th of April.
115 OTC members should offer their substantial comments by the 4th of April.
119 * Discussion on email investigating potential closure of openssl-users
121 OTC: The OTC would like to urge the OMC not to close this list.
123 ** Agree agenda for next meeting
125 * Nominate a minute taker and confirm agenda
126 * Agree minutes from previous meeting
127 * Review outstanding actions
128 * Review issues with OTC hold (30 minutes)
129 * Review outstanding security issues
130 * Review draft technical policies
131 * Review draft technical policies: presentation on design policy
132 * Agree agenda for next meeting
135 ** New and carried over action items [transported from above]:
137 AI: Richard to create instructions on how to add an OTC member.
139 Converted to OSSLO-84
141 AI: Matt to create a proposal on return values and return value types for new code.
143 Converted to OSSLO-85
145 AI: Hugo to propose possible solutions to make BIO_dgram more safe
148 AI: Hugo to investigate getting the DDD demos working with
152 AI: OTC to read Stephen's proposed API changes for ECH
155 AI: Richard to add something to the security process about adding CVE IDs to
156 commits; to mention fixes and related trailers
157 Converted to OSSLO-87
159 AI: Richard to make the security process public.
160 Converted to OSSLO-86
162 AI: Richard to do a writeup on the background of issue #20497