blob: 763e7edb4653cfe8aeddd2b42fb21ca409ade40a (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
|
Meeting Date: 2022-10-25
Minutes taken by: Hugo
Attendees:
Hugo Landau
Dmitry Belyavskiy
Matthias St Pierre
Tomas Mraz
Matt Caswell
Richard Levitte
Shane Lontis
Paul Dale
External attendees:
Daniel Fiala
Martin Koci
Agenda:
* Nominate a minute taker and confirm agenda
* Agree minutes from previous meeting
* Review outstanding actions
* Review outstanding security issues
* 3.1 release PRs and issues
* FIPS 140-3
* Review issues with OTC hold (30 minutes)
* Review draft technical policies
* Agree agenda for next meeting
* AOB
** Nominate a minute taker and confirm agenda
Hugo volunteered to take the minutes.
Proposed: Hugo, seconded: Matt
Agenda for the meeting agreed. Proposed: Hugo, seconded: Matt
** Agree minutes from previous meeting
Minutes from previous meeting were agreed. Proposed: Hugo, seconded: Tomas
** Review outstanding actions
AI: Richard to create instructions on how to add an OTC member.
Not done
AI: Martin to email information about the OTC F2F meeting plan to the OTC list
Done
AI: Matt to create a proposal on return values and return value types for new
code.
Not done
AI: Martin to email information on his proposals for measuring outstanding GH
PRs and issues to the OTC list
Done
AI: Hugo to write improved process proposal in next sprint
Not done
AI: Hugo to write a proposed change to the test policy
to add four tracking labels classifying if a PR needs or has tests
Done
AI: Nicola requests that people read the latest comments in the EC
compression (#16624, #18320).
Not done
** Review outstanding security issues
We discussed outstanding security issues.
** 3.1 release PRs and issues
Tomas created a list of 150 PRs for backport to 3.1
No objections were raised to using this list as a starting point
Objections may be raised by OMC tomorrow
We will do the review in batches. We will keep the approvals
of the original PRs and keep the approval headers in the commits.
In the meantime, PRs which cherrypick cleanly to 3.0 and 3.1 can
simply be merged.
PRs which don't cherrypick cleanly will have to wait for the batches
of cherry picks to complete and will be reviewed afterwards.
** FIPS 140-3
AI: Pauli to consider options for implementing KAT using deterministic RNG
in a safer manner
** Review issues with OTC hold (30 minutes)
#19401 (make CMAC properly fail if cipher is not CBC mode):
- Can this be backported to 3.0?
OTC: No
- Can this be backported to 3.1?
OTC: Yes
#19419 (finer grained error records for provider load init failures)
- Can this be backported to 3.0?
OTC: Yes, this is a bug and the fix can be backported
#19489 (remove old RSA CRT names)
- There was consensus that where and when this is fixed, it should be fixed
via a compile time breaking change and not a runtime breaking change.
- There was consensus that this should be fixed in 4.0 at the latest.
- OTC: We do not want to make the breaking changes proposed in 3.x. Some parts
of the PR are still OK for 3.x and should be split into a separate PR.
- Documentation in 3.x should be updated to warn against using these defines.
** Review draft technical policies
#57 (revise testing policy with labels)
- Pauli suggested if tests: deferred is used, the person adding the label
should create an issue for the tests at the same time.
We decided against updating the proposal at this time.
This could be proposed in a future policy change.
- We discussed the proposed testing policy. There were no objections.
OTC: This should be put to a vote once the two week period is up.
** Agree agenda for next meeting
* Nominate a minute taker and confirm agenda
* Agree minutes from previous meeting
* Discussion of Buildbot CI issues
* Review outstanding actions
* Review outstanding security issues
* EC compression format compatibility discussion
* Review issues with OTC hold (30 minutes)
* Review draft technical policies
* Agree agenda for next meeting
* AOB
** AOB
We discussed possible locations and dates for an OTC F2F meeting.
Dmitry proposed this be discussed further via email.
We discussed Buildbot CI issues and agreed to schedule this for the
next meeting.
[Matthias left the meeting.]
** New and carried over action items [transported from above]:
AI: Richard to create instructions on how to add an OTC member.
AI: Matt to create a proposal on return values and return value types for new
code.
AI: Hugo to write improved design process proposal
AI: Nicola requests that people read the latest comments in the EC
compression (#16624, #18320).
|