1 # This file is obsolete as of 2021-11-09 as we use the new voting process
3 # https://github.com/openssl/technical-policies/blob/master/policies/voting-procedure.md
5 # A record of formal votes in reverse chronological order.
7 # To vote, add one of the following entries next to your name:
9 # [+1] I vote in favour of the proposal
10 # [ 0] I abstain from the vote
11 # [-1] I vote against the proposal
13 # If you are abstaining, you can indicate a tendency as follows:
15 # [+0] I abstain but with a slight lean towards a vote in favour
16 # [ 0] I abstain with no stated preference
17 # [-0] I abstain but with a slight lean towards a vote against
19 # A template for voting (alphabetical by surname) follows.
27 accepted: yes/no (for: X, against: Y, abstained: Z, not voted: T)
43 topic: Accept PR #16705 into 3.0 subject to the normal review process
44 Proposed by Matt Caswell
48 accepted: yes (for: 4, against: 1, abstained: 3, not voted: 2)
57 Kurt [-1] # 2021-12-07
62 topic: Accept openssl/technical-policies PR#2 - the policy change
63 process proposal as of commit 5740178. This will become an official OTC
65 comment: This changes the voting procedure for public OTC votes to use the
66 pull requests and issues on the openssl/technical-policies repository
67 instead of the openssl-project mailing list.
68 Proposed by Tomáš Mráz
72 accepted: yes (for: 8, against: 0, abstained: 0, not voted: 2)
81 Kurt [+1] # 2021-11-09
86 topic: Accept openssl/technical-policies PR#1 - the policy change
87 process proposal as of commit 3bccdf6. This will become an official OTC
89 comment: This will implement the formal policy change process so we can
90 introduce and amend further policies as set by OTC via a public
92 Proposed by Tomáš Mráz
96 accepted: yes (for: 9, against: 0, abstained: 0, not voted: 1)
105 Kurt [+1] # 2021-11-09
110 topic: Accept PR#16725 as a bug fix for backport into 3.0 subject to the normal
112 Proposed by Matt Caswell
116 accepted: yes (for: 4, against: 2, abstained: 4, not voted: 0)
121 Tim [ 0] # Vote changed 2021-10-20
130 topic: Increase the default security level from 1 to 2 in master
131 Proposed by Matt Caswell
135 accepted: yes (for: 7, against: 1, abstained: 1, not voted: 1)
144 Kurt [+1] # 2021-09-22
149 topic: Accept PR#16594 into master subject to the normal review process
150 comment: this doesn't meet the requirement of being a standard but is in use
151 and we have the implementation but it isn't exposed.
156 accepted: yes (for: 5, against: 0, abstained: 3, not voted: 2)
165 Kurt [+1] # 2021-09-22
166 Matthias [+1] # 2021-09-22
170 topic: Allow the restart of merging of non-breaking small features to the master
172 Proposed by Matt Caswell
176 accepted: yes (for: 5, against: 1, abstained: 1, not voted: 2)
180 Pauli [+1] # 2021-09-14
185 Kurt [+1] # 2021-09-15
191 topic: Create `openssl-3.0' git branch today.
192 comment: This cascades to other names/version information on GitHub.
193 For example, change the release version information in the
194 master branch to 3.1.0-dev
199 accepted: yes (for: 7, against: 0, abstained: 0, not voted: 3)
202 Matt [+1] # 2021-09-01
213 topic: Release 3.0.0 final on Tuesday the 7th of September 2021 if run-checker
214 and CI builds have been clean for two days.
219 accepted: yes (for: 8, against: 0, abstained: 0, not voted: 2)
222 Matt [+1] # 2021-09-01
233 topic: Accept PR#16286 into 3.0 subject to the normal review process
234 Proposed by Shane Lontis
238 accepted: yes (for: 5, against: 1, abstained: 1, not voted: 3)
246 Tomas [-1] # 2021-08-23
247 Kurt [-1] # 2021-08-29
248 Matthias [ 0] # 2021-08-23
252 topic: RSA public exponent validation in 3.0 for the default provider should be
253 consistent with 1.1.1
254 Comment: See issue #16255 for background
255 Proposed by Matt Caswell
259 accepted: yes (for: 4, against: 2, abstained: 3, not voted: 1)
265 Richard [ 0] # 2021-08-15
273 topic: Revert the commits merged from PR #16027 in 1.1.1
274 Comment: Refer to issue #16266 for background
275 Proposed by Tomas Mraz
279 accepted: yes (for: 5, against: 3, abstained: 1, not voted: 1)
285 Richard [-1] # 2021-08-15
294 topic: Accept PR 16171 in 3.0 subject to our normal review process.
299 accepted: yes (for: 6, against: 1, abstained:1, not voted: 2)
303 Matt [+1] # 2021-08-10
314 topic: Accept PR 16203 in 3.0 subject to our normal review process.
319 accepted: yes (for: 4, against: 1, abstained: 4, not voted: 1)
334 topic: OTC approve the release of 3.0 beta2 on Thursday 29th July
335 Proposed by Matt Caswell
339 accepted: yes (for: 7, against: 0, abstained: 0, not voted: 2)
347 Kurt [+1] # 2021-07-27
352 topic: Accept PR 16128 in 3.0 subject to our normal review process
353 Proposed by Matt Caswell
357 accepted: yes (for: 8, against: 0, abstained: 0, not voted:1)
365 Kurt [+1] # 2021-07-27
370 topic: We should accept PR #16118 into 3.0 when completed and subject to the
371 normal review process
372 Proposed by Matt Caswell
376 accepted: yes (for: 5, against: 0, abstained: 3, not voted: 1)
384 Kurt [ 0] # 2021-07-27
389 topic: We should fix the issue described in #16088 for 3.0
390 Proposed by Matt Caswell
394 accepted: yes (for: 6, against: 0, abstained: 2, not voted: 1)
402 Kurt [-1] # 2021-07-27
407 topic: Accept PR 16050 in 3.0 subject to our normal review process
408 Proposed by Tim Hudson
412 accepted: no (for: 1, against: 3, abstained: 4, not voted: 1)
420 Kurt [-1] # 2021-07-27
425 topic: Allow the addition of EVP_PKEY_get0_provider() and
426 EVP_PKEY_CTX_get0_provider() calls in 3.0
427 Proposed by Paul Dale
431 accepted: yes (for: 5, against: 1, abstained: 2, not voted: 1)
439 Kurt [-1] # 2021-07-13
444 topic: Remove ERR_GET_FUNC in 3.0
445 Proposed by Nicola Tuveri
449 accepted: yes (for: 6, against: 1, abstained: 0, not voted: 2)
456 Tomas [+1] # 2021-07-08
457 Kurt [ 0] # 2021-07-08
463 topic: Accept #15955 in 3.0
468 accepted: vote withdraw becuase the vote above invalidates it
470 Matt [-1] # 2021-07-12
481 topic: Accept PR #15763 for 1.1.1 subject to the normal review process
482 Proposed by Matt Caswell
486 accepted: yes (for: 7, against: 0, abstained: 0, not voted: 2)
492 Shane [+1] # 2021-06-30
494 Kurt [+1] # 2021-06-30
500 topic: Accept the API additions from pull request #15790 subject to the normal
502 Proposed by Tomas Mraz
506 accepted: yes (for: 6, against: 1, abstained: 0, not voted: 2)
512 Shane [+1] # 2021-06-30
514 Kurt [ 0] # 2021-06-30
519 topic: We will allow enabling of __owur specifiers for functions for 3.0 as a
520 safe API-change exception.
521 comment: See issue #15902
522 Proposed by Paul Dale
526 accepted: no (for: 1, against: 3, abstained: 4, not voted: 1)
534 Kurt [-1] # 2021-06-30
540 topic: Accept the concept of the refactor proposed in PR 15854 for 3.0
541 Proposed by Matt Caswell
545 accepted: yes (for: 5, against: 1, abstained: 2, not voted: 1)
558 topic: Change the outlen paramter from unsigned int * to size_t * for EVP_Q_mac
559 and size from unsigned int * to size_t * for EVP_Q_digest.
560 Proposed by Nicola Tuveri
564 accepted: yes (for: 5, against: 3, abstained: 0, not voted: 1)
577 topic: OTC approve the release of 3.0 beta1 on Thursday 17th June on the basis
578 that: 1) all current approved PRs with the beta1 milestone are merged
579 2) issues #15755 and #15756 are resolved 3) We accept that VMS does not
580 currently pass tests but expect it to do so before 3.0 final (issue
582 Proposed by Matt Caswell
586 accepted: yes (for: 7, against: 0, abstained: 0, not voted: 2)
594 Kurt [ 0] # 2021-06-15
595 Matthias [+1] # 2021-06-15
599 topic: Reject PR#14759
600 Proposed by Nicola Tuveri
604 accepted: yes (for: 3, against: 2, abstained: 4, not voted: 2)
618 topic: Set PR 13817 milestone to Post 3.0
619 Proposed by Tim Hudson
623 accepted: yes (for: 2, against: 0, abstained: 7, not voted: 2)
638 topic: Set issue 11164 milestone to Post 3.0
639 Proposed by Tim Hudson
643 accepted: yes (for: 6, against: 1, abstained: 0, not voted: 4)
647 Pauli [+1] # 2021-04-21
653 Kurt [-1] # 2021-04-22
658 topic: EVP_PKEY types are immutable once set. Types cannot be changed once
659 set. To move from one type to another compatible type will require
661 Comment: This will result in breaking changes compared to previous releases.
666 accepted: yes (for: 6, against: 0, abstained: 0, not voted: 5)
676 Kurt [+1] # 2021-03-30
677 Matthias [+1] # 2021-03-23
678 Nicola [+1] # 2021-03-30
681 topic: Add a description field to the OSSL_ALGORITHM structure
682 Comment: See Issue #14514 for background
683 Proposed by Matt Caswell
687 accepted: yes (for: 6, against: 2, abstained: 1, not voted: 2)
702 topic: EVP init functions take an OSSL_PARAM array to set parameters and this
703 should be reflected in the equivalent provider interface.
704 Proposed by Matt Caswell
708 accepted: yes (for: 5, against: 0, abstained: 2, not voted: 4)
718 Kurt [+1] # 2021-03-09
719 Matthias [+0] # 2021-03-09
723 topic: In 3.0 it will not be possible to use SM2 with a non-SM2 curve. This
724 should be documented.
725 Proposed by Matt Caswell
729 accepted: yes (for: 7, against: 1, abstained: 1, not voted: 2)
744 topic: EVP_PKEY_get0 functions will return a cached copy of the legacy key, and
745 will be changed to return const. EVP_PKEY_get1 functions work as per
746 EVP_PKEY_get0 but are not const returns and up the reference count
747 Comment: See PR #14319 for background
748 Proposed by Matt Caswell
752 accepted: yes (for: 7, against: 0, abstained: 0, not voted: 4)
762 Kurt [ 0] # 2021-03-03
763 Matthias [+0] # 2021-03-09
767 topic: The RSA_SSLV23_PADDING and related functions should be
768 completely removed from OpenSSL 3.0 code.
769 Proposed by Tomas Mraz
773 accepted: yes (for: 6, against: 0, abstained: 5, not voted: 0)
788 topic: We allow calling a free function on an algorithm method for methods that
789 were not fetched. The free function does nothing in that case.
790 EVP_MD_CTX_md will be deprecated and documented as having "get0"
791 semantics. We will replace it with EVP_MD_CTX_get0_md and
792 EVP_MD_CTX_get1_md. We should do the same for other similar functions
793 Proposed by Matt Caswell
797 accepted: yes (for: 4, against: 0, abstained: 5, not voted: 2)
812 topic: Change PKCS#12 creation to use AES-256-CBC and SHA-256 by default.
813 comment: Both app and API, inlcude CHANGES entry.
818 accepted: yes (for: 8, against: 0, abstained: 0, not voted: 3)
829 Matthias [+1] # 2021-02-13
833 topic: The EVP_xxx_CTX types should support an EVP_xxx_CTX_dup call but not an
834 EVP_xxx_CTX_copy call.
835 comments: Existing EVP_xxx_copy() functions not to be removed in the 3.0
841 accepted: yes (for: 8, against: 0, abstained: 0, not voted: 3)
856 topic: We should not support EVP_xxx_reset() operations.
857 comment: The existing EVP_xxx_dup() function supports this functionality.
858 Existing EVP_xxx_reset() functions not to be removed in the 3.0
864 accepted: yes (for: 7, against: 0, abstained: 1, not voted: 3)
879 topic: EVP_MAC_init should accept key and key length arguments.
884 accepted: yes (for: 4, against: 1, abstained: 4, not voted: 2)
899 topic: EVP init functions should accept an OSSL_PARAM array to set parameters.
900 comment: This will mostly avoid calling the equivalent set_param call.
905 accepted: yes (for: 8, against: 0, abstained: 1, not voted: 2)
920 topic: Where a function does not use the TYPE_NAME_action_name naming scheme,
921 it is considered to be a defect.
922 comment: These are not considered blockers for 3.0 if the function existed in
923 1.1.1. New functions that do not conform must be fixed before release.
928 accepted: yes (for: 6, against: 0, abstained: 3, not voted: 2)
943 topic: Moving forwards we will use TYPE_NAME_action_name for function names.
944 comment: Not camel case, underscores separating words. I.e. EVP_MAC_update
945 not EVP_MACUpdate or EVP_MAC_Update.
950 accepted: yes (for: 8, against: 0, abstained: 1, not voted: 2)
965 topic: Include NULL cipher in the FIPS provider.
966 Proposed by Matthias.
970 accepted: no (for: 0, against: 7, abstained: 2, not voted: 2)
985 topic: For 3.0 EVP_PKEY keys all algorithm implementations that were usable
986 with 1.1.1 EVP_PKEY API or low level APIs without public component must
990 * all implementations apart from EC require the public component to be present;
991 part of the vote closed on 2020-11-17.
993 Proposed by Tomas Mraz
997 accepted: yes (for: 8, against: 0, abstained: 0, not voted: 3)
1012 topic: In the context of the OpenSSL apps, the OTC qualifies as bug
1013 fixes the changes to return a failure exit status when a called
1014 function fails with an unhandled return value.
1015 Even when these bug fixes change the apps behavior triggering
1016 early exits (compared to previous versions of the apps), as bug
1017 fixes, they do not qualify as behavior changes that require an
1018 explicit OMC approval.
1019 Proposed by Nicola Tuveri
1023 accepted: yes (for: 9, against: 0, abstained: 0, not voted: 2)
1038 topic: For 3.0 EVP_PKEY keys, the OTC accepts the following resolution:
1039 * relax the conceptual model to allow private keys to exist without public
1041 * all implementations apart from EC require the public component to be present;
1042 * relax implementation for EC key management to allow private keys that do not
1043 contain public keys and
1044 * our decoders unconditionally generate the public key (where possible).
1046 Proposed by Matt Caswell
1050 accepted: yes (for: 5, against: 4, abstained: 1, not voted: 1)
1066 topic: For DH Generation, the OTC accepts the following resolution:
1067 * Quad-state generation:
1069 - named groups only;
1070 - FIPS 186-2 generation or
1071 - FIPS 186-4 generation.
1072 * For default provider:
1073 - change back to PKCS #3 generation as the default and
1074 - allow changing to FIPS 186-2, FIPS 186-4 or named groups.
1075 * For FIPS provider:
1076 - choose a known safe prime group as default (rejecting non-standard lengths) and
1077 - allow a change to FIPS 186-4 generation.
1078 * For parameter validation in FIPS:
1079 - accept if a named group;
1080 - run FIPS 186-4 validation if DHX key, otherwise reject.
1081 * For key validation: if a named group, do just partial key validation.
1082 * For validation more generally, allow a validation mode to be set.
1084 Proposed by Matt Caswell
1088 accepted: yes (for: 7, against: 0, abstained: 2, not voted: 2)
1103 topic: Hold online weekly OTC meetings starting on Tuesday 2020-10-13
1104 and until 3.0 beta1 is released, in lieu of the weekly "developer
1106 Proposed by Nicola Tuveri
1110 accepted: yes (for: 9, against: 0, abstained: 0, not voted: 2)
1117 Richard [+1] # 2020-10-13
1125 topic: The PR #11359 (Allow to continue with further checks on
1126 UNABLE_TO_VERIFY_LEAF_SIGNATURE) is acceptable for 1.1.1 branch
1127 As the change is borderline on bug fix/behaviour change OTC needs
1128 to decide whether it is acceptable for 1.1.1 branch.
1129 Proposed by Tomas Mraz
1133 accepted: yes (for: 3, against: 2, abstained: 5, not voted: 1)
1148 topic: The following items are required prerequisites for the first beta release:
1149 1) EVP is the recommended API, it must be feature-complete compared with
1150 the functionality available using lower-level APIs.
1151 - Anything that isn’t available must be put to an OTC vote to exclude.
1152 - The apps are the minimum bar for this, subject to exceptions noted below.
1153 2) Deprecation List Proposal: DH_, DSA_, ECDH_, ECDSA_, EC_KEY_, RSA_,
1155 - Does not include macros defining useful constants (e.g.
1156 SHA512_DIGEST_LENGTH).
1157 - Excluded from Deprecation: `EC_`, `DSA_SIG_`, `ECDSA_SIG_`.
1158 - There might be some others.
1159 - Review for exceptions.
1160 - The apps are the minimum bar to measure feature completeness for the EVP
1161 interface: rewrite them so they do not use internal nor deprecated
1162 functions (except speed, engine, list, passwd -crypt and the code to handle
1163 the -engine CLI option). That is, remove the suppression of deprecated
1165 - Proposal: drop passwd -crypt (OMC vote required)
1166 - Compile and link 1.1.1 command line app against the master headers and
1167 library. Run 1.1.1 app test cases against the chimera. Treat this as an
1168 external test using a special 1.1.1 branch.
1169 - Deprecated functions used by libssl should be moved to independent file(s),
1170 to limit the suppression of deprecated defines to the absolute minimum
1172 3) Draft documentation (contents but not pretty)
1173 - Need a list of things we know are not present - including things we have
1175 - We need to have mapping tables for various d2i/i2d functions.
1176 - We need to have a mapping table from “old names” for things into the
1178 - Documentation addition to old APIs to refer to new ones (man7).
1179 - Documentation needs to reference name mapping.
1180 - All the legacy interfaces need to have their documentation pointing to
1181 the replacement interfaces.
1182 4) Review (and maybe clean up) legacy bridge code.
1183 5) Review TODO(3.0) items #12224.
1184 6) Source checksum script.
1185 7) Review of functions previously named _with_libctx.
1186 8) Encoder fixes (PKCS#8, PKCS#1, etc).
1187 9) Encoder DER to PEM refactor.
1188 10) Builds and passes tests on all primary, secondary and FIPS platforms.
1189 11) Query provider parameters (name, version, ...) from the command line.
1190 12) Setup buildbot infrastructure and associated instructions.
1191 13) Complete make fipsinstall.
1192 14) More specific decoding selection (e.g. params or keys).
1193 15) Example code covering replacements for deprecated APIs.
1194 16) Drop C code output options from the apps (OMC approval required).
1195 17) Address issues and PRs in the 3.0beta1 milestone.
1200 accepted: yes (for: 8, against: 0, abstained: 0, not voted: 3)
1203 Mark [+1] # 2020-10-13
1210 Kurt [-1] # 2020-10-14
1215 topic: We should accept the Fully Pluggable TLSv1.3 KEM functionality as shown
1216 in PR #13018 into the 3.0 release
1217 Proposed by Matt Caswell
1221 accepted: yes (for: 8, against: 1, abstained: 1, not voted: 1)
1236 topic: OTC meeting will be called for next Tuesday (2020-10-06)
1237 Proposed by Matthias St. Pierre
1241 accepted: yes (for: 7, against: 0, abstained: 0, not voted: 4)
1244 Mark [+1] # 2020-09-30
1250 Tomas [+1] # 2020-09-30
1251 Kurt [+1] # 2020-09-30
1256 topic: Accept the OTC voting policy as defined:
1258 The proposer of a vote is ultimately responsible for updating the votes.txt
1259 file in the repository. Outside of a face to face meeting, voters MUST reply
1260 to the vote email indicating their preference and optionally their reasoning.
1261 Voters MAY update the votes.txt file in addition.
1263 The proposed vote text SHOULD be raised for discussion before calling the vote.
1265 Public votes MUST be called on the project list, not the OTC list and the
1266 subject MUST begin with “VOTE:”. Private votes MUST be called on the
1267 OTC list with “PRIVATE VOTE:” beginning subject.
1269 Proposed by Matthias St. Pierre (on behalf of the OTC)
1273 accepted: yes (for: 9, against: 0, abstained: 0, not voted: 2)
1288 topic: Adopt the coding style policy on function arguments as shown in chapter
1289 6.1 of web PR 194 (commit f37f8a9000)
1290 Proposed by Matt Caswell
1294 accepted: no (for: 2, against: 5, abstained: 2, not voted: 2)
1309 topic: Adopt the coding style policy on extending existing functions as shown
1310 in chapter 6.2 of web PR 194 (commit f37f8a9000)
1311 Proposed by Matt Caswell
1315 accepted: yes (for: 5, against: 3, abstained: 2, not voted: 1)
1319 Pauli [+1] # Vote changed 2020-09-21
1331 topic: The performance improvements provided in PR11188 should be considered a
1332 bug fix and therefore acceptable for backport to 1.1.1
1333 Proposed by Matt Caswell
1337 accepted: no (for: 0, against: 8, abstained: 3, not voted: 0)
1353 topic: Rename OSSL_SERIALIZER / OSSL_DESERIALIZER to OSSL_ENCODER / OSSL_DECODER
1355 The rationale is that it makes things easier on programmers
1356 (encode / decode is easier to write than serialize / deserialize),
1357 and also avoids disputes on what is and isn't serialization.
1359 Associated issues and PRs: #12455, #12659 and #12660
1364 accepted: yes (for: 5, against: 1, abstained: 4, not voted: 1)
1372 Shane [-0] # Shane's vote was actually --0
1379 topic: Rename OPENSSL_CTX to OSSL_LIB_CTX (as proposed by pull request #12621)
1381 The main rationale behind this change is consistency, because many of the new
1382 OpenSSL 3.0 types have an OSSL_ prefix, and OPENSSL_CTX is a notable exception.
1383 More details can be found in the description and thread of pull request #12621.
1385 There was a discussion on openssl-committers ('Rename OPENSSL_CTX to OSSL_WHAT?')
1386 and an initial poll on doodle about the favourite replacements for OPENSSL_CTX
1387 (https://doodle.com/poll/drku9ziwvkp6tw25).
1389 Proposed by Matthias St. Pierre
1393 accepted: yes (for: 5, against: 0, abstained: 4, not voted: 2)
1408 topic: For change requests which target both the master and the
1409 OpenSSL_1_1_1-stable branch, the following procedure should be followed:
1410 - First, a pull request needs to be opened against the master branch for
1411 discussion. Only after that pull request has received the necessary
1412 amount of approvals, a separate pull request can be opened against the
1413 OpenSSL_1_1_1-stable branch.
1414 - A separate pull request against the OpenSSL_1_1_1-stable branch is
1415 required. This holds - contrary to common practice - even if the change
1416 can be cherry-picked without conflicts from the master branch. The only
1417 exception from this rule are changes which are considered 'CLA: trivial',
1418 like e.g. typographical fixes.
1419 Proposed by Matt Caswell
1423 accepted: no (for: 4, against: 4, abstained: 3, not voted: 0)
1439 topic: Accept and merge #11577.
1440 comment: #11577 reduces the maximum length of TLS labels.
1441 It also breaks standards compliance.
1446 accepted: no (for: 0, against: 9, abstained: 1, not voted: 1)
1456 Kurt [-1] # 2020-06-09
1461 topic: Keep FIPS_mode() as emulated by EVP_default_properties_is_fips_enabled(NULL)
1462 Proposed by Tomas Mraz
1466 accepted: no (for: 2, against: 5, abstained: 3, not voted: 1)
1481 topic: approve PR#8300 statem: fix the alert sent for too large messages
1482 Proposed by Tim Hudson
1486 accepted: no (for: 1, against: 4, abstained: 6, not voted: 0)