OpenSSL Communities

September 18 meeting minutes

JE Jon Ericson Public Seen by 9

Attendees:

  • Dmitry Belyavsky - Committers

  • Igor Ustinov - Individuals

  • Barry Fussell - Large Businesses

  • Aditya Koranga - Small Businesses

  • Matt Caswell

  • Tomas Mraz

  • Richard Levitte

  • Jon Ericson

Old business

  • Create the General Discussion group (Jon)

  • Start discussion about the BAC/TAC election process before the next election (Nicola)

  • Initial review of https://github.com/openssl/openssl/pull/28278  (Matt to assign)

    • Neil did an initial review. Is this now in the normal review process? (Matt)

    • Uses keys as raw bytes/hex bytes/base64, which is controversial. (Dmitry)

    • Use a test provider? (Richard)

    • Intention was to use raw keys to make it easily testable. (Dmitry)

    • Use a test provider that includes a shared object with an environment variable. (Richard)

    • Maybe not available for command line tests. (Dmitry)

New business

  • PQC Group Recommendations for TLS 1.3 (Aditya)

    • Why recommend anything other than the default? (Matt)

    • Make recommendations based on different situations where the default might not be ideal. (Igor)

    • It might cost a lot of time to discuss recommendations and it makes sense for most people to just use the default. (Matt)

    • Nothing about PQC in the documentation. (Igor)

    • Minimal change would be to change the list to be the default, which includes a PQC (Hybrid ML-KEM) algorithm at the top. (Matt)

    • Also drop “(in order of decreasing performance)” if we are just listing the default. (Aditya)

    • s/recommended/default/ (Igor)

    • Also, potentially, document other options. (Aditya)

    • All agree to just use the default for this bit of documentation since it starts with a PQC algorithm.

  • Keeping generated files in the tree (Dmitry)

    • Example: blah_blah.c.in => blah_blah.c (Dmitry)

    • Potential loss of time editing a generated file (Dmitry)

    • Can we solve this by making them read-only? (Tomas)

      • People will make them writable to generate them. (Richard)

      • Atomic operation to remove the old and write the new. The editor will help by showing the file is read-only. (Tomas)

      • Technically this might be more complicated on non-UNIX systems. (Richard)

      • Could be helpful even locally since people can be confused if people run make update and then edit the generated files. (Tomas)

      • But vim allows people to overwrite read-only files. (Dmitry)

    • CI runs `make update` and could give a warning/error if people edit a generated file. (Dmitry)

      • Would require making a PR in order to find the error. (Richard)

    • Make generated files read-only and verify that generated files haven’t been manually updated with time stamps. (Tomas)

      • Make doesn’t update generated files if the timestamp of the generated file is later than the template. (Richard)

  • Reformatting the code to allow for automatic code formatting with clang_format, as a general idea. (Tomas)

    • Request for the BAC ask their communities about this idea. There would be a CI check that would fail if there are formatting errors and it won’t be possible to waive the check. So there will be a huge reformatting change that will touch at least 10% of code lines to up to 50% for radical changes to the formatting. Will it be a problem for users, especially distributions who or maintaining patches. (Tomas)

    • All PRs will also have merge conflicts that could be resolved with a one-time rebase (Matt)

    • Would need to reformat all active branches so that we can still cherrypick updates. (Tomas)

    • Someone should explain what’s being proposed so that there can be a discussion on the General Discussion. (Igor)

    • An ideal outcome would be for the TAC to ask the people who are proposing the idea to write it up on the General Discussion.

  • OPENSSL_VERSION_NUMBER zero status bits (Tomas)

    • There is a conclusion, so we can drop this.

    • 3.5.3 make a change to the macro that broke downstream releases. The solution is to revert (Matt)

AOB

  • Escalation process(Aditya)

    • I'm still on the hook to write up a proposal. (Jon)

Action items