1 # A record of formal votes in reverse chronological order.
3 # To vote, add one of the following entries next to your name:
5 # [+1] I vote in favour of the proposal
6 # [ 0] I abstain from the vote
7 # [-1] I vote against the proposal
9 # If you are abstaining, you can indicate a tendency as follows:
11 # [+0] I abstain but with a slight lean towards a vote in favour
12 # [ 0] I abstain with no stated preference
13 # [-0] I abstain but with a slight lean towards a vote against
15 # A template for voting (alphabetical by surname) follows.
23 accepted: yes/no (for: X, against: Y, abstained: Z, not voted: T)
38 topic: The PR #11359 (Allow to continue with further checks on
39 UNABLE_TO_VERIFY_LEAF_SIGNATURE) is acceptable for 1.1.1 branch
40 As the change is borderline on bug fix/behaviour change OTC needs
41 to decide whether it is acceptable for 1.1.1 branch.
42 Proposed by Tomas Mraz
46 accepted: yes/no (for: X, against: Y, abstained: Z, not voted: T)
61 topic: The following items are required prerequisites for the first beta release:
62 1) EVP is the recommended API, it must be feature-complete compared with
63 the functionality available using lower-level APIs.
64 - Anything that isn’t available must be put to an OTC vote to exclude.
65 - The apps are the minimum bar for this, subject to exceptions noted below.
66 2) Deprecation List Proposal: DH_, DSA_, ECDH_, ECDSA_, EC_KEY_, RSA_,
68 - Does not include macros defining useful constants (e.g.
69 SHA512_DIGEST_LENGTH).
70 - Excluded from Deprecation: `EC_`, `DSA_SIG_`, `ECDSA_SIG_`.
71 - There might be some others.
72 - Review for exceptions.
73 - The apps are the minimum bar to measure feature completeness for the EVP
74 interface: rewrite them so they do not use internal nor deprecated
75 functions (except speed, engine, list, passwd -crypt and the code to handle
76 the -engine CLI option). That is, remove the suppression of deprecated
78 - Proposal: drop passwd -crypt (OMC vote required)
79 - Compile and link 1.1.1 command line app against the master headers and
80 library. Run 1.1.1 app test cases against the chimera. Treat this as an
81 external test using a special 1.1.1 branch.
82 - Deprecated functions used by libssl should be moved to independent file(s),
83 to limit the suppression of deprecated defines to the absolute minimum
85 3) Draft documentation (contents but not pretty)
86 - Need a list of things we know are not present - including things we have
88 - We need to have mapping tables for various d2i/i2d functions.
89 - We need to have a mapping table from “old names” for things into the
91 - Documentation addition to old APIs to refer to new ones (man7).
92 - Documentation needs to reference name mapping.
93 - All the legacy interfaces need to have their documentation pointing to
94 the replacement interfaces.
95 4) Review (and maybe clean up) legacy bridge code.
96 5) Review TODO(3.0) items #12224.
97 6) Source checksum script.
98 7) Review of functions previously named _with_libctx.
99 8) Encoder fixes (PKCS#8, PKCS#1, etc).
100 9) Encoder DER to PEM refactor.
101 10) Builds and passes tests on all primary, secondary and FIPS platforms.
102 11) Query provider parameters (name, version, ...) from the command line.
103 12) Setup buildbot infrastructure and associated instructions.
104 13) Complete make fipsinstall.
105 14) More specific decoding selection (e.g. params or keys).
106 15) Example code covering replacements for deprecated APIs.
107 16) Drop C code output options from the apps (OMC approval required).
108 17) Address issues and PRs in the 3.0beta1 milestone.
113 accepted: yes/no (for: X, against: Y, abstained: Z, not voted: T)
128 topic: We should accept the Fully Pluggable TLSv1.3 KEM functionality as shown
129 in PR #13018 into the 3.0 release
130 Proposed by Matt Caswell
134 accepted: yes/no (for: X, against: Y, abstained: Z, not voted: T)
149 topic: OTC meeting will be called for next Tuesday (2020-10-06)
150 Proposed by Matthias St. Pierre
154 accepted: yes (for: 7, against: 0, abstained: 0, not voted: 4)
157 Mark [+1] # 2020-09-30
163 Tomas [+1] # 2020-09-30
164 Kurt [+1] # 2020-09-30
169 topic: Accept the OTC voting policy as defined:
171 The proposer of a vote is ultimately responsible for updating the votes.txt
172 file in the repository. Outside of a face to face meeting, voters MUST reply
173 to the vote email indicating their preference and optionally their reasoning.
174 Voters MAY update the votes.txt file in addition.
176 The proposed vote text SHOULD be raised for discussion before calling the vote.
178 Public votes MUST be called on the project list, not the OTC list and the
179 subject MUST begin with “VOTE:”. Private votes MUST be called on the
180 OTC list with “PRIVATE VOTE:” beginning subject.
182 Proposed by Matthias St. Pierre (on behalf of the OTC)
186 accepted: yes (for: 9, against: 0, abstained: 0, not voted: 2)
201 topic: Adopt the coding style policy on function arguments as shown in chapter
202 6.1 of web PR 194 (commit f37f8a9000)
203 Proposed by Matt Caswell
207 accepted: no (for: 2, against: 5, abstained: 2, not voted: 2)
222 topic: Adopt the coding style policy on extending existing functions as shown
223 in chapter 6.2 of web PR 194 (commit f37f8a9000)
224 Proposed by Matt Caswell
228 accepted: yes (for: 5, against: 3, abstained: 2, not voted: 1)
232 Pauli [+1] # Vote changed 2020-09-21
244 topic: The performance improvements provided in PR11188 should be considered a
245 bug fix and therefore acceptable for backport to 1.1.1
246 Proposed by Matt Caswell
250 accepted: no (for: 0, against: 8, abstained: 3, not voted: 0)
266 topic: Rename OSSL_SERIALIZER / OSSL_DESERIALIZER to OSSL_ENCODER / OSSL_DECODER
268 The rationale is that it makes things easier on programmers
269 (encode / decode is easier to write than serialize / deserialize),
270 and also avoids disputes on what is and isn't serialization.
272 Associated issues and PRs: #12455, #12659 and #12660
277 accepted: yes (for: 5, against: 1, abstained: 4, not voted: 1)
285 Shane [-0] # Shane's vote was actually --0
292 topic: Rename OPENSSL_CTX to OSSL_LIB_CTX (as proposed by pull request #12621)
294 The main rationale behind this change is consistency, because many of the new
295 OpenSSL 3.0 types have an OSSL_ prefix, and OPENSSL_CTX is a notable exception.
296 More details can be found in the description and thread of pull request #12621.
298 There was a discussion on openssl-committers ('Rename OPENSSL_CTX to OSSL_WHAT?')
299 and an initial poll on doodle about the favourite replacements for OPENSSL_CTX
300 (https://doodle.com/poll/drku9ziwvkp6tw25).
302 Proposed by Matthias St. Pierre
306 accepted: yes (for: 5, against: 0, abstained: 4, not voted: 2)
321 topic: For change requests which target both the master and the
322 OpenSSL_1_1_1-stable branch, the following procedure should be followed:
323 - First, a pull request needs to be opened against the master branch for
324 discussion. Only after that pull request has received the necessary
325 amount of approvals, a separate pull request can be opened against the
326 OpenSSL_1_1_1-stable branch.
327 - A separate pull request against the OpenSSL_1_1_1-stable branch is
328 required. This holds - contrary to common practice - even if the change
329 can be cherry-picked without conflicts from the master branch. The only
330 exception from this rule are changes which are considered 'CLA: trivial',
331 like e.g. typographical fixes.
332 Proposed by Matt Caswell
336 accepted: no (for: 4, against: 4, abstained: 3, not voted: 0)
352 topic: Accept and merge #11577.
353 comment: #11577 reduces the maximum length of TLS labels.
354 It also breaks standards compliance.
359 accepted: no (for: 0, against: 9, abstained: 1, not voted: 1)
369 Kurt [-1] # 2020-06-09
374 topic: Keep FIPS_mode() as emulated by EVP_default_properties_is_fips_enabled(NULL)
375 Proposed by Tomas Mraz
379 accepted: no (for: 2, against: 5, abstained: 3, not voted: 1)
394 topic: approve PR#8300 statem: fix the alert sent for too large messages
395 Proposed by Tim Hudson
399 accepted: no (for: 1, against: 4, abstained: 6, not voted: 0)