Template Version: @(#)sac_nextcase 1.66 04/17/08 SMI This information is Copyright 2008 Sun Microsystems 1. Introduction 1.1. Project/Component Working Name: GnuTLS Update 1.2. Name of Document Author/Supplier: Author: Jeff Cai 1.3 Date of This Document: 26 May, 2008 4. Technical Description 1. Introduction 1.1. Project/Component Working Name:
GnuTLS 1.2. Name of Document Author/Supplier: Author: Jeff Cai Sponser: Irene Huang 1.3. Date of This Document: 05/22/2008 1.4. Name of Major Document Customer(s)/Consumer(s): 1.4.1. The PAC or CPT you expect to review your project: Solaris PAC 1.4.2. The ARC(s) you expect to review your project: LSARC 1.4.3. The Director/VP who is "Sponsoring" this project: Robert O'Dea 1.4.4. The name of your business unit: Software - OPG 1.5. Email Aliases: 1.5.1. Responsible Manager: harry.lu at sun.com 1.5.2. Responsible Engineer: jeff.cai at sun.com 1.5.3. Marketing Manager: 1.5.4. Interest List: brian.cameron at sun.com darren.moffat at sun.com wyllys.ingersoll at sun.com 2. Project Summary 2.1. Project Description: GnuTLS provides a secure layer, over a reliable transport layer. Currently the GnuTLS library implements the proposed standards by the IETF's TLS working group. This fast-track increments the version of GnuTLS in Solaris from 1.6.3 to 2.2.4. 3. Technical Description: 3.1. Details: GnuTLS is a modern C library that implements the standard network security protocol Transport Layer Security (TLS), for use by network applications. A number of projects in Solaris Desktop such as Evolution, Pidgin, Ekiga and Vino depend on it. The latest stable version of GnuTLS is 2.2.4. Compared with the previously integrated version, GnuTLS 1.6.3, the new version adds following features: * Support for external RSA/DSA signing for TLS client authentication. This allows you to secure the private key better, for example by using privilege-separation techniques between the private key and the network client/server. * Support for signing X.509 certificates using RSA with SHA- 256/384/512. * Support for X.509 Proxy Certificates (RFC 3820) * Support for Supplemental handshakes messages (RFC 4680). * Support for TLS authorization extension (draft-housley-tls-authz- extns-07). * Many bugfixes and minor improvements. * SRP support aligned with newly published RFC 5054. Note: GnuTLS was imported by Evolution at the earliest and there's no seperate ARC material was provided at that time. 3.2. Interfaces: Exported Interfaces Interface Classification Comments --------------- -------------- ----------------------- SUNWgnutls Uncommitted Package name (unchanged) SUNWgnutls-devel Uncommitted Package name (unchanged) /usr/lib/libgnutls.so.26 Volatile C library (changed) /usr/lib/libgnutlsxx.so.26 Volatile C++ library (changed) /usr/lib/pkgconfig/gnutls.pc Volatile (unchanged) /usr/share/aclocal/libgnutls.m4 Volatile (unchanged) /usr/include/gnutls/gnutls.h Volatile (unchanged) /usr/include/gnutls/gnutlsxx.h Volatile (unchanged) /usr/include/gnutls/pkcs12.h Volatile (unchanged) /usr/include/gnutls/compat.h Volatile (unchanged) Imported Interfaces Interface Classification Comments --------------- --------------- ----------------------- /usr/lib/libgcrypt.so.11 Volatile Removed Interfaces Interface Classification Comments --------------- --------------- ----------------------- /usr/lib/libgnutls-extra.so.13.3.0 Volatile /usr/lib/libgnutls-openssl.so.13.3.0 Volatile /usr/lib/pkgconfig/gnutls-extra.pc Volatile /usr/include/gnutls/extra.h Volatile /usr/include/gnutls/openssl.h Volatile /usr/share/aclocal/libgnutls-extra.m4 Volatile Note: The "extra" GnuTLS libraries -- which contains OpenPGP and TLS/IA support, LZO compression, the OpenSSL compatibility library -- and the self tests and command line tools are distributed under the GNU General Public License version 3.0 (or later), therefore, we remove them. 3.3. Packaging & Delivery: SUNWgnutls(base package) - base package for binaries SUNWgnutls-devel (development package) - develoment package for header and documents 3.4. Dependencies: libgnutls depends on libgcrypt, zlib. 3.5 References Sun Evolution LSARC/2003/298/ 4. Resources and Schedule: 4.1. Product Approval Committee requested information: 4.1.1. Consolidation Name: Desktop Cteam/GNOME 4.1.2. Contributing OpCo/BU/Division Name: Desktop Solutions 4.1.3. Type of PAC Review and Approval expected: FastTrack 5. References Project website: http://www.gnu.org/software/gnutls/ 6. Resources and Schedule 6.4. Steering Committee requested information 6.4.1. Consolidation C-team Name: Desktop 6.5. ARC review type: FastTrack 6.6. ARC Exposure: open