September 18 meeting minutes

Attendees:
Old business
Create the General Discussion group (Jon)
Start discussion about the BAC/TAC election process before the next election (Nicola)
-
Initial review of https://github.com/openssl/openssl/pull/28278 (Matt to assign)
Neil did an initial review. Is this now in the normal review process? (Matt)
Uses keys as raw bytes/hex bytes/base64, which is controversial. (Dmitry)
Use a test provider? (Richard)
Intention was to use raw keys to make it easily testable. (Dmitry)
Use a test provider that includes a shared object with an environment variable. (Richard)
Maybe not available for command line tests. (Dmitry)
New business
-
PQC Group Recommendations for TLS 1.3 (Aditya)
Why recommend anything other than the default? (Matt)
Make recommendations based on different situations where the default might not be ideal. (Igor)
It might cost a lot of time to discuss recommendations and it makes sense for most people to just use the default. (Matt)
Nothing about PQC in the documentation. (Igor)
Minimal change would be to change the list to be the default, which includes a PQC (Hybrid ML-KEM) algorithm at the top. (Matt)
Also drop “(in order of decreasing performance)” if we are just listing the default. (Aditya)
s/recommended/default/ (Igor)
Also, potentially, document other options. (Aditya)
All agree to just use the default for this bit of documentation since it starts with a PQC algorithm.
-
Keeping generated files in the tree (Dmitry)
Example: blah_blah.c.in => blah_blah.c (Dmitry)
Potential loss of time editing a generated file (Dmitry)
-
Can we solve this by making them read-only? (Tomas)
People will make them writable to generate them. (Richard)
Atomic operation to remove the old and write the new. The editor will help by showing the file is read-only. (Tomas)
Technically this might be more complicated on non-UNIX systems. (Richard)
Could be helpful even locally since people can be confused if people run make update and then edit the generated files. (Tomas)
But vim allows people to overwrite read-only files. (Dmitry)
-
CI runs `make update` and could give a warning/error if people edit a generated file. (Dmitry)
Would require making a PR in order to find the error. (Richard)
-
Make generated files read-only and verify that generated files haven’t been manually updated with time stamps. (Tomas)
Make doesn’t update generated files if the timestamp of the generated file is later than the template. (Richard)
-
Reformatting the code to allow for automatic code formatting with clang_format, as a general idea. (Tomas)
Request for the BAC to ask their communities about this idea. There would be a CI check that would fail if there are formatting errors and it won’t be possible to waive the check. So there will be a huge reformatting change that will touch at least 10% of code lines to up to 50% for radical changes to the formatting. Will it be a problem for users, especially distributions who are maintaining patches? (Tomas)
All PRs will also have merge conflicts that could be resolved with a one-time rebase (Matt)
Would need to reformat all active branches so that we can still cherrypick updates. (Tomas)
Someone should explain what’s being proposed so that there can be a discussion on the General Discussion. (Igor)
An ideal outcome would be for the TAC to ask the people who are proposing the idea to write it up on the General Discussion.
-
OPENSSL_VERSION_NUMBER zero status bits (Tomas)
There is a conclusion, so we can drop this.
3.5.3 made a change to the macro that broke downstream releases. The solution is to revert. (Matt)
AOB
-
Escalation process (Aditya)
I'm still on the hook to write up a proposal. (Jon)
Action items
Review https://github.com/openssl/openssl/pull/28278 (Matt)
Respond to PQC Group Recommendations for TLS 1.3 (Aditya)
Proposal to make generated files read-only. (Richard)
Reformatting proposal (Matt, temporarily)
Propose a label to request community discussion/escalation process (Jon)