Priorities for OpenSSL 3.6
Paul Dale Wed 19 Feb 2025 8:53PMPublicSeen by 38The question about priorities for the 3.6 release has been asked: https://openssl-communities.org/d/HCdTYIoN/priorities-for-3-6
What priorities do the committers think are beneficial?
Are there any other items you think should be added to the list?
Frederik Wedel-HeinenThu 20 Feb 2025 4:39AM
My focus is on DTLS-1.3 so it is good to see it on the list. Development is currently stalled because of lacking review activity. With all of the PRs merged the implementation is able to interop with Wolfssl and Mozilla implementations, so I would count the implementation as fairly mature.
I hope that DTLS-1.3 being on the list will help PR reviews to have priority.
Dmitry BelyavskyThu 20 Feb 2025 3:29PM
I'd support constant BIGNUM
Kurt RoeckxThu 20 Feb 2025 9:26PM
It would be nice that the list would include links to issues, where that would include more details, or subitems. For instance, I would like to be able to do io uring with quic for both transmit and receive, with 0 copies (except encryption/decryption). Is that meant with performance improvements?
Paul DaleFri 21 Feb 2025 1:27AM
@Kurt Roeckx, agreed that would have been useful.
Do we want a poll here to formally select items or is everyone happy with me summarising the expressed opinions?
Kurt RoeckxFri 21 Feb 2025 10:10AM
We could also add more fuzzers. Looking at the coverage, at least CMS, pkcs12 and http could use one.
Paul DaleTue 25 Feb 2025 11:10PM
I've summarised the responses on the original thread. Thanks for the input. I think that additional feedback should be on that thread rather than this one.
Kurt RoeckxThu 27 Feb 2025 10:10AM
I can not directly comment in that thread
Tim HudsonThu 27 Feb 2025 10:14AM
The idea is to comment in the communities you are registered in - so comments here or in any of the other communities you are a member of are welcome and entirely appropriate. The BAC representative for the particular community you comment in is the one that is expected to make sure the community input makes it into consideration for the BAC for what advice they provide.
Paul DaleThu 27 Feb 2025 9:52PM
Apologies Kurt, I had no idea that that thread was restricted. Comment here and I'll summaries and pass along.
Shane Lontis ·Wed 19 Feb 2025 10:39PM
Good to see BIGNUM on the list, would really like to see this tackled.
Anythign related to Performance, security and testing are high priority.
Other things..
- ABI testing of assembly (See issue #21522)
- Power On Self Tests to be configured to run on first use? (There is a potential hit on every call if this needs to be locked or atomic_load?)
- Hybrid PQ Signatures
- Next round of PQ algorithms?