Foundation priorities for 3.6

The Foundation has asked the BAC for feedback on priorities for the next release now in planning.
Even before that we started a related discussion here.
I'd like to ask you to read both threads, reviewing items proposed within our community and the ones suggested by the project and other communities, so we can provide feedback on desired features and our wishes for prioritizing them.

Poll created Tue 18 Mar 2025 9:13AM
Our community contribution for a long-standing list of priorities for the Foundation BAC
Closed Mon 31 Mar 2025 8:00PM
What is this poll about?
I collected the proposals from the Foundation, integrating them with proposals that emerged from our and other communities.
Why is this important?
The Foundation has asked the BAC to shift the focus from priorities for the 3.6 release towards a long-standing list of priorities.
It is time for our community to express a preference on prioritization.
What are you asking people to do?
Vote by ranking the options in order of your preference. The resulting order will be brought forward to the Foundation BAC.
Results
| Option | Rank | % of points | Points | Mean |
|---|---|---|---|---|
| Encrypted Client Hello | 1 | 7.9% | 60 | 20.0 |
| constant-time BIGNUM | 2 | 7.6% | 58 | 19.3 |
| More #doc: Document (or remove) undocumented API functions | 3 | 7.4% | 56 | 18.7 |
| DTLS-1.3 | 4 | 7.2% | 55 | 18.3 |
| Work through backlog of Github issues and PRs | 5 | 6.9% | 52 | 17.3 |
| Finalizing replacements of legacy constructs/functionality | 6 | 6.6% | 50 | 16.7 |
| More #PQC: Hybrid/composite PQC signatures & certificates | 7 | 5.1% | 39 | 13.0 |
| More #PQC: support for next round of standardized PQC algorithms | 8 | 4.5% | 34 | 11.3 |
| #usability: simplified CLI | 9 | 4.2% | 32 | 10.7 |
| Command-line UI for attribute certificates | 10 | 4.0% | 30 | 10.0 |
| More #QUIC: IO uring zero-copy for #performance | 11 | 4.0% | 30 | 10.0 |
| Providers/fetching/decoders #performance improvements | 12 | 4.0% | 30 | 10.0 |
| More #PQC: X.509 integration | 13 | 3.8% | 29 | 9.7 |
| More #tests: ABI testing for assembly | 14 | 3.8% | 29 | 9.7 |
| More #tests: Improvements on test coverage | 15 | 3.8% | 29 | 9.7 |
| More #doc: more guide-style documentation | 16 | 3.8% | 29 | 9.7 |
| More #tests: Improvements on test infrastructure | 17 | 3.6% | 27 | 9.0 |
| More #QUIC: QUIC stack #performance improvements | 18 | 3.6% | 27 | 9.0 |
| More #PQC: XMSS & LMS | 19 | 3.2% | 24 | 8.0 |
| More #QUIC: Advanced features such as 0-RTT and path migration | 20 | 2.9% | 22 | 7.3 |
| Private keys: move away from proprietary PEM to standard format | 21 | 1.4% | 11 | 3.7 |
| Support for TLS-LTS | 22 | 0.8% | 6 | 2.0 |
| Undecided | | 0% | 0 | 0 |
3 of 21 people have participated (14%)
Stephen Farrell Tue 18 Mar 2025 9:13AM
1 - Encrypted Client Hello
2 - DTLS-1.3
3 - More #doc: Document (or remove) undocumented API functions
4 - More #tests: Improvements on test coverage
5 - Work through backlog of Github issues and PRs
6 - constant-time BIGNUM
7 - #usability: simplified CLI
8 - More #doc: more guide-style documentation
9 - More #tests: Improvements on test infrastructure
10 - Finalizing replacements of legacy constructs/functionality
11 - More #QUIC: QUIC stack #performance improvements
12 - More #PQC: XMSS & LMS
13 - More #PQC: Hybrid/composite PQC signatures & certificates
14 - More #QUIC: IO uring zero-copy for #performance
15 - More #tests: ABI testing for assembly
16 - Private keys: move away from proprietary PEM to standard format
17 - Providers/fetching/decoders #performance improvements
18 - More #PQC: support for next round of standardized PQC algorithms
19 - More #PQC: X.509 integration
20 - More #QUIC: Advanced features such as 0-RTT and path migration
21 - Command-line UI for attribute certificates
22 - Support for TLS-LTS
ECH needs to be done here before being deployed by standard web servers and we're late with that already.
Milan Broz Tue 18 Mar 2025 9:13AM
1 - Work through backlog of Github issues and PRs
2 - More #doc: Document (or remove) undocumented API functions
3 - Encrypted Client Hello
4 - constant-time BIGNUM
5 - Finalizing replacements of legacy constructs/functionality
6 - DTLS-1.3
7 - Providers/fetching/decoders #performance improvements
8 - Command-line UI for attribute certificates
9 - More #tests: ABI testing for assembly
10 - More #PQC: support for next round of standardized PQC algorithms
11 - More #QUIC: IO uring zero-copy for #performance
12 - More #PQC: XMSS & LMS
13 - More #QUIC: QUIC stack #performance improvements
14 - More #QUIC: Advanced features such as 0-RTT and path migration
15 - More #PQC: Hybrid/composite PQC signatures & certificates
16 - More #tests: Improvements on test infrastructure
17 - More #tests: Improvements on test coverage
18 - More #PQC: X.509 integration
19 - Support for TLS-LTS
20 - More #doc: more guide-style documentation
21 - #usability: simplified CLI
22 - Private keys: move away from proprietary PEM to standard format
Cleaning up the backlog opens resources for important features. Properly documenting new (and deprecated) API will hopefully help to teach AI to no longer suggest writing obsolete OpenSSL code :-)
Peter Gutmann · Thu 27 Feb 2025 10:22AM
Can't seem to post to that thread but a general thought for one of the items mentioned:
>Backlog of Github issues and PRs
Having provided input to various projects that then sat around for years in change-tracking systems, efforts to catch up on issues and PRs are always welcome. Not specific to OpenSSL but to open-source projects in general.
Peter.