All, I should have added the +1 to my original email. So ... +1.
John Jeff Cai wrote: > The project team will update the man pages before the integration. > > Thanks > > Jeff > > On 02/27/09 14:26, Margot Miller wrote: >> Hey, >> >> It looks like there are new interfaces according to the >> technical description, which are just new interfaces >> to libgnutls.so.26 and libgnutlsxx.so.26. If that is >> the case and the man pages reflect that, then +1. >> >> Thanks >> Margot >> >> >> John Fischer wrote: >>> All, >>> >>> Please note that this project also includes the appropriate >>> 64-bit library and 64-bit pkg-config file. >>> >>> Thanks, >>> >>> John >>> >>> On Thu, 2009-02-12 at 04:50, Shi-Ying Irene Huang wrote: >>>> Template Version: @(#)sac_nextcase %I% %G% SMI >>>> This information is Copyright 2009 Sun Microsystems >>>> 1. Introduction >>>> 1.1. Project/Component Working Name: >>>> Gnutls update to 2.6 >>>> 1.2. Name of Document Author/Supplier: >>>> Author: Jeff Cai >>>> 1.3 Date of This Document: >>>> 12 February, 2009 >>>> 4. Technical Description >>>> 1. Introduction >>>> 1.1. Project/Component Working Name: >>>> >>>> GnuTLS Update for 2.6.3 >>>> >>>> 1.2. Name of Document Author/Supplier: >>>> Author: Jeff Cai >>>> Sponser: Irene Huang >>>> >>>> 1.3. Date of This Document: >>>> >>>> 02/06/2009 >>>> >>>> 1.4. Name of Major Document Customer(s)/Consumer(s): >>>> >>>> 1.4.1. The PAC or CPT you expect to review your project: >>>> >>>> Solaris PAC >>>> >>>> 1.4.2. The ARC(s) you expect to review your project: >>>> >>>> LSARC >>>> >>>> 1.4.3. The Director/VP who is "Sponsoring" this project: >>>> >>>> Robert O'Dea >>>> >>>> 1.4.4. The name of your business unit: >>>> >>>> Software - OPG >>>> >>>> 1.5. Email Aliases: >>>> 1.5.1. Responsible Manager: harry.lu at sun.com >>>> 1.5.2. Responsible Engineer: jeff.cai at sun.com >>>> 1.5.3. Marketing Manager: glynn.foster at sun.com >>>> 1.5.4. Interest List: brian.cameron at sun.com >>>> darren.moffat at sun.com >>>> wyllys.ingersoll at sun.com >>>> >>>> 2. Project Summary >>>> 2.1. Project Description: >>>> GnuTLS provides a secure layer, over a reliable >>>> transport layer. Currently the GnuTLS library implements the >>>> proposed standards by the IETF's TLS working group. >>>> >>>> This fast-track increments the version of GnuTLS in Solaris >>>> from 2.2.4 to 2.6.3. >>>> >>>> 3. Technical Description: >>>> 3.1. Details: >>>> GnuTLS is a modern C library that implements the standard >>>> network >>>> security protocol Transport Layer Security (TLS), for use by >>>> network >>>> applications. >>>> A number of projects in the Solaris Desktop such as Evolution, >>>> Pidgin, >>>> Ekiga and Vino depend on it. The latest stable >>>> version of GnuTLS is 2.6.3. >>>> GnuTLS 2.6.0 has interface changes, but 2.6.1 through 2.6.3 are >>>> bugfix only releases. >>>> >>>> Compared with the previously integrated version, GnuTLS 2.2.4, >>>> the new >>>> version adds following features: >>>> >>>> * Full OpenPGP support is part of libgnutls, licensed under >>>> the LGPL. >>>> * The PSK sub-system has been improved and now supports >>>> password >>>> derivation and PSK identity hints. >>>> * The default handshake size limit has been increased to 48kb. >>>> The earlier limit was 16kb. The handshake messages contain >>>> all handshake >>>> messages between a client and a server only if they >>>> communicate in >>>> TLS protocol. The reason for restricting the handshake >>>> message size is to limit Denial of Service attacks. >>>> * New APIs to access the raw X.509 Subject and Issuer DN's and >>>> elements from the certificate credentials structure. >>>> * New APIs to improve working with username/passwords and PSK. >>>> * Names of constants to affect certificate printing changed. >>>> The constants are used for OpenPGP too, which the names >>>> didn't >>>> reflect, so the following name change has been made: >>>> >>>> Old name New name >>>> GNUTLS_X509_CRT_FULL GNUTLS_CRT_PRINT_FULL >>>> GNUTLS_X509_CRT_ONELINE GNUTLS_CRT_PRINT_ONELINE >>>> GNUTLS_X509_CRT_UNSIGNED_FULL GNUTLS_CRT_PRINT_UNSIGNED_FULL >>>> The old names will be mapped to the new names for some time. >>>> * The function gnutls_openpgp_privkey_get_id has been >>>> renamed to >>>> gnutls_openpgp_privkey_get_key_id. >>>> A compatibility mapping exists to avoid breaking API >>>> backwards >>>> compatibility. >>>> * Replaced all uses of alloca with malloc and free. >>>> * Remove code to import certificate chains in PKCS#7 format. >>>> The code has not worked since v0.9.0 and apparently nobody >>>> has missed >>>> it, so the community decided to remove the code rather >>>> than fix it. If you have >>>> old certificate chains stored in PKCS#7 format, you can >>>> convert them >>>> to a list of PEM certificates by using 'certtool >>>> --p7-info'. * Added API to replace and update the crypto >>>> backend. >>>> A new header file <gnutls/crypto.h> has been added. It >>>> contains >>>> definitions related to replacing the internal crypto >>>> functionality. >>>> All definitions and the header itself are experimental but >>>> supported. >>>> * gnutls_x509_crt_set_subject_alt_name() was added. It can >>>> either set or append alternative names. It can also handle >>>> binary structures >>>> such as IP addresses. >>>> * New function to set minimum acceptable SRP bits. >>>> * Add interface to deal with public key and signature >>>> algorithms. >>>> * New interfaces to get name of public key and signing >>>> algorithms. >>>> * New API to get a string corresponding to a error symbol. >>>> * New API to set the public parameters in a certificate request >>>> from a private key. >>>> * New API to set a callback to extract TLS Finished data. >>>> * Fix namespace problem with TLS_MASTER_SIZE and >>>> TLS_RANDOM_SIZE. >>>> The new names are GNUTLS_MASTER_SIZE and >>>> GNUTLS_RANDOM_SIZE. The old >>>> names are mapped to the new names in compat.h. These >>>> mappings will >>>> likely be removed more quickly than other mappings in that >>>> file due to >>>> the namespace violation. >>>> * New interface to register a new TLS extension handler. >>>> The new function gnutls_ext_register can be used to >>>> register handlers >>>> for specific TLS extension types. The callback functions >>>> have the new >>>> types gnutls_ext_recv_func and gnutls_ext_send_func. A >>>> type to >>>> classify TLS extensions, gnutls_ext_parse_type_t, has been >>>> added as well. >>>> >>>> 3.2. Interfaces: >>>> Exported Interfaces >>>> Interface Classification >>>> Comments >>>> --------------- -------------- >>>> ----------------------- >>>> SUNWgnutls Uncommitted >>>> Package name (unchanged) >>>> SUNWgnutls-devel Uncommitted >>>> Package name (unchanged) >>>> >>>> /usr/lib/libgnutls.so.26 Volatile C >>>> library (unchanged) >>>> /usr/lib/libgnutlsxx.so.26 Volatile C++ >>>> library (unchanged) >>>> >>>> /usr/share/aclocal/libgnutls.m4 Volatile >>>> (unchanged) >>>> /usr/lib/pkgconfig/gnutls.pc Volatile >>>> (unchanged) >>>> /usr/include/gnutls/gnutls.h Volatile >>>> (unchanged) >>>> /usr/include/gnutls/gnutlsxx.h Volatile >>>> (unchanged) >>>> /usr/include/gnutls/pkcs12.h Volatile >>>> (unchanged) >>>> /usr/include/gnutls/compat.h Volatile >>>> (unchanged) >>>> /usr/include/gnutls/x509.h Volatile >>>> (unchanged) >>>> /usr/bin/libgnutls-config Volatile >>>> (unchanged) >>>> /usr/share/man/man1/libgnutls-config Volatile >>>> (unchanged) >>>> /usr/share/man/man3/libgnutls.3 Volatile >>>> (unchanged) >>>> /usr/share/man/man3/libgnutlsxx.3 Volatile >>>> (unchanged) >>>> /usr/share/doc/SUNWgnutls/AUTHORS Volatile >>>> (unchanged) >>>> /usr/share/doc/SUNWgnutls/NEWS.bz2 Volatile >>>> (unchanged) >>>> /usr/share/doc/SUNWgnutls/README Volatile >>>> (unchanged) >>>> /usr/share/doc/SUNWgnutls/ Volatile >>>> (unchanged) >>>> COPYING.LIB.bz2 >>>> >>>> /usr/include/gnutls/openpgp.h Volatile (added) >>>> /usr/include/gnutls/crypto.h Volatile (added) >>>> >>>> Imported Interfaces >>>> Interface Classification >>>> Comments >>>> --------------- --------------- >>>> --------------------- >>>> /usr/lib/libgcrypt.so.11 Volatile >>>> (unchanged) >>>> >>>> LSARC/2008/390/ >>>> >>>> /usr/lib/libtasn1.so.3 Volatile >>>> (added) >>>> >>>> LSARC/2008/341/ >>>> >>>> /usr/lib/libz.so.1 Committed >>>> (unchanged) >>>> >>>> PSARC/2006/537 >>>> >>>> 3.3. Packaging & Delivery: >>>> SUNWgnutls(base package) - base package >>>> for binaries >>>> SUNWgnutls-devel (development package) - development >>>> package for >>>> header and documents >>>> >>>> 3.4. Dependencies: >>>> libgnutls depends on libtasn1, libgcrypt and zlib. >>>> >>>> 3.5 References >>>> Sun Evolution LSARC/2003/298/ >>>> libtasn1 LSARC/2008/390/ >>>> GnuTLS Update for 2.2.4 LSARC/2008/341/ >>>> >>>> 4. Resources and Schedule: >>>> 4.1. Product Approval Committee requested information: >>>> 4.1.1. Consolidation Name: >>>> >>>> Desktop Cteam/GNOME >>>> >>>> 4.1.2. Contributing OpCo/BU/Division Name: >>>> >>>> Desktop Solutions >>>> >>>> 4.1.3. Type of PAC Review and Approval expected: >>>> >>>> FastTrack >>>> >>>> 5. References >>>> Project website: http://www.gnu.org/software/gnutls/ >>>> GnuTLS 2.4.0 Release News: >>>> http://article.gmane.org/gmane.network.gnutls.general/1282 >>>> GnuTLS 2.6.0 Release News: >>>> >>>> http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3135 >>>> >>>> >>>> >>>> 6. Resources and Schedule >>>> 6.4. Steering Committee requested information >>>> 6.4.1. Consolidation C-team Name: >>>> Desktop >>>> 6.5. ARC review type: FastTrack >>>> 6.6. ARC Exposure: open >>>> >>> >> >
