[gnutls-dev] Things to do before next stable release?

Alon Bar-Lev alon.barlev at gmail.com
Sat May 26 19:24:24 CEST 2007


What about the external engine? (To enable PKCS#11 and such?)

Alon.

On 5/26/07, Simon Josefsson <simon at josefsson.org> wrote:
> I think 1.7.x now contains a lot of stuff that we should release as a
> stable release, for example:
>
> * TLS 1.2 support (although protocol not finalized in the IETF yet).
>
> * Proxy certificate support.
>
> * Signing using RSA-SHA256/384/512.
>
> * New APIs to print textual representation of certificates.
>
> * Support for 'otherName' SAN.
>
> * Support for supplemental data (RFC 4680).
>
> * Support for tls-authz.
>
> * New APIs to iterate through supported algorithms.
>
> Plus many, many bug fixes and other improvements of existing code.
>
> Initially I wanted to wait for TLS 1.2 to stabilize until we would
> release 1.8.0, although that seems to take longer than expected.
>
> I think we could release 1.8.0 as-is, with TLS 1.2 disabled as a default
> protocol, and with a release note saying that the TLS 1.2 stuff is
> subject to change incompatibility if the IETF changes the protocol.
>
> Can anyone think of other things to do before releasing the 1.7.x branch
> as a new stable 1.8.0?
>
> Come to think of it, the amount of new features (especially TLS 1.2) may
> warrant calling this release 2.0.0.  What do you think?
>
> I'll try to go over a 'diff -r gnutls_1_6_2 gnutls_1_7_11' to see if
> there is some pending work that I've forgotten about.
>
> /Simon
>
> _______________________________________________
> Gnutls-dev mailing list
> Gnutls-dev at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnutls-dev
>



More information about the Gnutls-dev mailing list