Meeting Date: 2022-09-06
Minutes taken by: Martin
Attendees:
    Dmitry Belyavskiy
    Tomas Mraz
    Richard Levitte
    Matthias St. Pierre
    Shane Lontis
    Pauli
    Nicola

External attendees:
    Hugo
    Ales
    Martin
    Daniel

Agenda:

    * Nominate a minute taker and confirm agenda
    * Agree minutes from previous meeting
    * Ales Marecek introduction - new DevOps in OpenSSL
    * Review outstanding action
    * RX Depacketizer design
    * Review outstanding security issues
    * Review issues with OTC hold (30 minutes)
    * Review draft technical policies
    * Agree agenda for next meeting
    * AOB

** Nominate a minute taker and confirm agenda

Martin volunteered to take the minutes.
Proposed: Tomas, seconded: Matthias

Agenda for the meeting agreed. Proposed: Tomas, seconded: Pauli

** Agree minutes from previous meeting

Minutes from previous meeting were agreed. Proposed: Tomas, seconded: Dmitry 

** Ales Marecek introduction

Our new DevOps force. 
How about buildbot efforts. Mostly Richard domain (specially development of this)
but Ales will help too. 

** Review outstanding actions

AI: Matt to create a proposal on return values and return value types for new
code.
Not done. 

AI: Tomas to create a draft blog post about changing defaults for enabled DH
params.
Not done. 

AI: Martin to propose some metrics on outstanding GH PRs and issues.
Not done. 

AI: Richard to propose alternatives for what to do with the duplicate
ERR_raise() calls right after failed OPENSSL_*alloc() and also the ERR_raises
after the other _new() call failures.
Not done. 

** RX Depacketizer design

The design document already merged. 
Implementation is almost ready for your review. 
Tests are being added. 

** Review outstanding security issues

We discussed outstanding security issues.

** Review issues with OTC hold (30 minutes)

#18973 - Increase size limits of RFC values
 Tomas: I really don't think this should be merged. 
 Pauli: Agree, unless there is a authoritative source to say yes. 
 Closed with comment.
#19105 - Add function to generate a public key from private
 Tomas: actually, we have agreed in one of the previous meetings already
 Tomas: But we didn't vote, and it is not in the mintues since it was long time
 ago. 
 Tomas: to propose a vote with the text: 
 "For all currently implemented algorithms, where it is possible, if the public 
 key component is missing when a key is imported into a provider, the public 
 key component should be computed."

** Review draft technical policies

We don't have any.

** Agree agenda for next meeting

    * Nominate a minute taker and confirm agenda
    * Agree minutes from previous meeting
    * Review outstanding actions
    * Plan for re-triage process for stalled issues and PRs
    * Discuss 17662 (Config option to limit algorithm usage)
    * Review outstanding security issues
    * Review issues with OTC hold (30 minutes)
    * Review draft technical policies
    * Agree agenda for next meeting
    * AOB

** AOB

Tomas: I might have some proposal for re-triage process for outstanding PRs. 
Does OTC wants to be involved in this? Yes, Martin added this topic to the agenda.
Dmitry: propose update about RFC8446: 
https://datatracker.ietf.org/doc/html/draft-ietf-tls-rfc8446bis-04

** New and carried over action items [transported from above]:

AI: Matt to create a proposal on return values and return value types for new
code.

AI: Tomas to create a draft blog post about changing defaults for enabled DH
params.

AI: Martin to propose some metrics on outstanding GH PRs and issues.

AI: Richard to propose alternatives for what to do with the duplicate
ERR_raise() calls right after failed OPENSSL_*alloc() and also the ERR_raises
after the other _new() call failures.