[gnutls-dev] Things to do before next stable release?

Simon Josefsson simon at josefsson.org
Sat May 26 22:22:57 CEST 2007

Oh, right, definitely.  Thanks for reminding me.  I'll try to get 1.6.3
out tonight, then I'll work on reworking the sign callback API, and wait
for your review of it.  After that, we can move it into the 1.7.x
branch.  I think the sign callback work is important enough to hold up
the next stable branch.

Note to self, my todo-list before releasing 1.8.0 right now is:

* Fix sign callback API to be per-credential rather than per-session.

* Check copyright papers for everyone who contributed during the 1.7.x
  phase (I opportunistically installed some fixes after confirming with
  authors that they were sending copyright assignments, although I have
  not verified that the assignments were actually received).

* Make sure the stuff in the GIT repository (i.e., all recent work) is
  available through CVS, either through back-ports to the old server or
  a git-cvsserver approach.


"Alon Bar-Lev" <alon.barlev at gmail.com> writes:

> What about the external engine? (To enable PKCS#11 and such?)
> Alon.
> On 5/26/07, Simon Josefsson <simon at josefsson.org> wrote:
>> I think 1.7.x now contains a lot of stuff that we should release as a
>> stable release, for example:
>> * TLS 1.2 support (although protocol not finalized in the IETF yet).
>> * Proxy certificate support.
>> * Signing using RSA-SHA256/384/512.
>> * New APIs to print textual representation of certificates.
>> * Support for 'otherName' SAN.
>> * Support for supplemental data (RFC 4680).
>> * Support for tls-authz.
>> * New APIs to iterate through supported algorithms.
>> Plus many, many bug fixes and other improvements of existing code.
>> Initially I wanted to wait for TLS 1.2 to stabilize until we would
>> release 1.8.0, although that seems to take longer than expected.
>> I think we could release 1.8.0 as-is, with TLS 1.2 disabled as a default
>> protocol, and with a release note saying that the TLS 1.2 stuff is
>> subject to change incompatibly if the IETF changes the protocol.
>> Can anyone think of other things to do before releasing the 1.7.x branch
>> as a new stable 1.8.0?
>> Come to think of it, the amount of new features (especially TLS 1.2) may
>> warrant calling this release 2.0.0.  What do you think?
>> I'll try to go over a 'diff -r gnutls_1_6_2 gnutls_1_7_11' to see if
>> there is some pending work that I've forgotten about.
>> /Simon