[gnutls-dev] Time-based release schedule and GnuTLS v2.2 plans

Simon Josefsson simon at josefsson.org
Mon Sep 17 18:35:47 CEST 2007


Yoshisato YANAGISAWA <yanagisawa at csg.is.titech.ac.jp> writes:

> On Tue, 11 Sep 2007 11:00:36 +0200
> Simon Josefsson <simon at josefsson.org> wrote:
>
>> I like the time-based release schedule of Gnome, Ubuntu etc, so I'd
>> like to do the same for GnuTLS.  I'm thinking of having 3 stable
>
> Periodic releases should be a good idea to show activity.

Thanks for feedback on that.

>> We need to begin planning for v2.2 as well.  Here are some ideas:
>> 
>> * Integrate CAMELLIA support, we have a patch and copyright papers but
>>   the patch needs some attention.
>
> I updated the camellia patch for v2.0.  However, the patch needs libgcrypt
> (>= 1.3.0) with camellia enabled.
> http://www.is.titech.ac.jp/~yanagis0/text/camellia/gnutls-2.0.0.patch
> http://www.is.titech.ac.jp/~yanagis0/text/camellia-e.html

Thanks!

> Does somebody know an autoconf-option to check ciphers supported by
> libgcrypt?

It would not be fool-proof, so I suggest that only a warning is given in
case the test fails, but the following test could work:

 libgcrypt-config --algorithms | grep -i camellia

What do you think?

I don't think we can require libgcrypt 1.3.0+ yet.  Perhaps configure
could disable camellia support if a sufficiently recent libgcrypt is not
detected?

Btw, in gnutls_priority.c, the cipher_priority array is intended to be
sorted by preference.  I believe it is too early to prefer Camellia over
AES and even 3DES by default today.  Preferring Camellia over Arcfour
may be a good idea though, we don't want to recommend arcfour to anyone.
So please move camellia down a bit in the cipher_priority array.
Opinions on this choice from others are very welcome.

/Simon
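
The configure-time check suggested in the message above, written out as an added example; it is not part of the original post or of the GnuTLS configure script. The names detect_camellia and fake_libgcrypt_config are hypothetical, and the stub's output line is constructed sample data. A failed probe only warns and disables the optional cipher, it never aborts the build.

```shell
#!/bin/sh
# detect_camellia [CONFIG_TOOL]
# Prints "yes" or "no" on stdout; warnings go to stderr.
# CONFIG_TOOL defaults to libgcrypt-config (hypothetical helper, not GnuTLS code).
detect_camellia() {
    tool=${1:-libgcrypt-config}

    # Tool not installed: nothing to probe, so build without camellia.
    if ! command -v "$tool" >/dev/null 2>&1; then
        echo "warning: $tool not found, disabling camellia" >&2
        echo no
        return 0
    fi

    # The tool may reject --algorithms; treat that as "not detected".
    if ! algos=$("$tool" --algorithms 2>/dev/null); then
        echo "warning: $tool --algorithms failed, disabling camellia" >&2
        echo no
        return 0
    fi

    # Same test as in the message: case-insensitive match on the list.
    if printf '%s\n' "$algos" | grep -qi camellia; then
        echo yes
    else
        echo "warning: libgcrypt lacks camellia, disabling it" >&2
        echo no
    fi
}

# Constructed stand-in for libgcrypt-config; its output line is sample data.
fake_libgcrypt_config() {
    [ "$1" = "--algorithms" ] || return 1
    echo "Symmetric cipher algorithms: arcfour blowfish des aes camellia"
}

echo "camellia support: $(detect_camellia fake_libgcrypt_config)"
```
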


