Template Version: @(#)sac_nextcase 1.66 04/17/08 SMI
This information is Copyright 2008 Sun Microsystems
1. Introduction
1.1. Project/Component Working Name:
GnuTLS Update
1.2. Name of Document Author/Supplier:
Author: Jeff Cai
1.3 Date of This Document:
26 May, 2008
4. Technical Description
1. Introduction
1.1. Project/Component Working Name:
GnuTLS
1.2. Name of Document Author/Supplier:
Author: Jeff Cai
Sponser: Irene Huang
1.3. Date of This Document:
05/22/2008
1.4. Name of Major Document Customer(s)/Consumer(s):
1.4.1. The PAC or CPT you expect to review your project:
Solaris PAC
1.4.2. The ARC(s) you expect to review your project:
LSARC
1.4.3. The Director/VP who is "Sponsoring" this project:
Robert O'Dea
1.4.4. The name of your business unit:
Software - OPG
1.5. Email Aliases:
1.5.1. Responsible Manager: harry.lu at sun.com
1.5.2. Responsible Engineer: jeff.cai at sun.com
1.5.3. Marketing Manager:
1.5.4. Interest List: brian.cameron at sun.com
darren.moffat at sun.com
wyllys.ingersoll at sun.com
2. Project Summary
2.1. Project Description:
GnuTLS provides a secure layer, over a reliable transport layer.
Currently the GnuTLS library implements the proposed standards by the
IETF's TLS working group.
This fast-track increments the version of GnuTLS in Solaris
from 1.6.3 to 2.2.4.
3. Technical Description:
3.1. Details:
GnuTLS is a modern C library that implements the standard network
security protocol Transport Layer Security (TLS), for use by network
applications.
A number of projects in Solaris Desktop such as Evolution, Pidgin,
Ekiga and Vino depend on it.
The latest stable version of GnuTLS is 2.2.4.
Compared with the previously integrated version, GnuTLS 1.6.3, the new
version adds following features:
* Support for external RSA/DSA signing for TLS client authentication.
This allows you to secure the private key better, for example by
using privilege-separation techniques between the private key and
the network client/server.
* Support for signing X.509 certificates using RSA with SHA-
256/384/512.
* Support for X.509 Proxy Certificates (RFC 3820)
* Support for Supplemental handshakes messages (RFC 4680).
* Support for TLS authorization extension (draft-housley-tls-authz-
extns-07).
* Many bugfixes and minor improvements.
* SRP support aligned with newly published RFC 5054.
Note:
GnuTLS was imported by Evolution at the earliest and there's no
seperate ARC material was provided at that time.
3.2. Interfaces:
Exported Interfaces
Interface Classification Comments
--------------- --------------
-----------------------
SUNWgnutls Uncommitted Package name
(unchanged)
SUNWgnutls-devel Uncommitted Package name
(unchanged)
/usr/lib/libgnutls.so.26 Volatile C library
(changed)
/usr/lib/libgnutlsxx.so.26 Volatile C++ library
(changed)
/usr/lib/pkgconfig/gnutls.pc Volatile (unchanged)
/usr/share/aclocal/libgnutls.m4 Volatile (unchanged)
/usr/include/gnutls/gnutls.h Volatile (unchanged)
/usr/include/gnutls/gnutlsxx.h Volatile (unchanged)
/usr/include/gnutls/pkcs12.h Volatile (unchanged)
/usr/include/gnutls/compat.h Volatile (unchanged)
Imported Interfaces
Interface Classification Comments
--------------- ---------------
-----------------------
/usr/lib/libgcrypt.so.11 Volatile
Removed Interfaces
Interface Classification Comments
--------------- ---------------
-----------------------
/usr/lib/libgnutls-extra.so.13.3.0 Volatile
/usr/lib/libgnutls-openssl.so.13.3.0 Volatile
/usr/lib/pkgconfig/gnutls-extra.pc Volatile
/usr/include/gnutls/extra.h Volatile
/usr/include/gnutls/openssl.h Volatile
/usr/share/aclocal/libgnutls-extra.m4 Volatile
Note:
The "extra" GnuTLS libraries -- which contains OpenPGP and TLS/IA
support, LZO compression, the OpenSSL compatibility library --
and the self tests and command line tools are distributed under
the GNU General Public License version 3.0 (or later), therefore,
we remove them.
3.3. Packaging & Delivery:
SUNWgnutls(base package) - base package for binaries
SUNWgnutls-devel (development package) - develoment package for
header and documents
3.4. Dependencies:
libgnutls depends on libgcrypt, zlib.
3.5 References
Sun Evolution LSARC/2003/298/
4. Resources and Schedule:
4.1. Product Approval Committee requested information:
4.1.1. Consolidation Name:
Desktop Cteam/GNOME
4.1.2. Contributing OpCo/BU/Division Name:
Desktop Solutions
4.1.3. Type of PAC Review and Approval expected:
FastTrack
5. References
Project website: http://www.gnu.org/software/gnutls/
6. Resources and Schedule
6.4. Steering Committee requested information
6.4.1. Consolidation C-team Name:
Desktop
6.5. ARC review type: FastTrack
6.6. ARC Exposure: open
