[gnutls-dev] Things to do before next stable release?

Simon Josefsson simon at josefsson.org
Sat May 26 18:56:50 CEST 2007

I think 1.7.x now contains a lot of stuff that we should release as a
stable release, for example:

* TLS 1.2 support (although protocol not finalized in the IETF yet).

* Proxy certificate support.

* Signing using RSA-SHA256/384/512.

* New APIs to print textual representation of certificates.

* Support for 'otherName' SAN.

* Support for supplemental data (RFC 4680).

* Support for tls-authz.

* New APIs to iterate through supported algorithms.

Plus many, many bug fixes and other improvements of existing code.

Initially I wanted to wait for TLS 1.2 to stabilize until we would
release 1.8.0, although that seems to take longer than expected.

I think we could release 1.8.0 as-is, with TLS 1.2 disabled as a default
protocol, and with a release note saying that the TLS 1.2 stuff is
subject to change incompatibility if the IETF changes the protocol.

Can anyone think of other things to do before releasing the 1.7.x branch
as a new stable 1.8.0?

Come to think of it, the amount of new features (especially TLS 1.2) may
warrant calling this release 2.0.0.  What do you think?

I'll try to go over a 'diff -r gnutls_1_6_2 gnutls_1_7_11' to see if
there is some pending work that I've forgotten about.


More information about the Gnutls-devel mailing list