LSB-Futures Tracker - SSL
Current status of SSL in the LSB Futures process
Abstract Secure Socket Layer and Transport Layer Security

SSL is a security protocol that provides communications privacy over the Internet. The protocol allows client/server applications to communicate in a way that is designed to prevent eavesdropping, tampering, or message forgery.

SSL is an IETF draft standard.
Version $Revision: 1.12 $
Generated $Date: 2006/06/22 12:12:12 $
Phase 1 - Identification
Status Active
Main issue is resources.
Group Security
Number #022
Assigned 2004-08-06
Demand Yes
Several requests and it has turned up in several usage studies.
Mail clients and other crypto-related packages use either libraries or command-line utilities or both.
License Unknown

OpenSSL comes with a free license allowing for both commercial and non-commercial use. It is actually dual licensed under two BSD-style licenses which meet the presently laid down licensing criteria (which are subject to revision). The following is the "OpenSSL license". The second license, not listed here, is the SSLeay license, which is the original license under which this package was released.

However, due to patent issues one has to configure OpenSSL so as not to use IDEA, MDC2 and RC5. (This has to be the norm if the library and the tools are to be included in LSB.) The following information is from the "README".

  • RC5 is patented by "RSA Security"
  • RC4 is a registered trademark of "RSA Security"
  • The IDEA algorithm is patented by Ascom in Austria, France, Germany, Italy, Japan, the Netherlands, Spain, Sweden, Switzerland, UK and the USA.
  • The MDC2 algorithm is patented by IBM (FIXME: does IBM free up their patents for potential use in such cases?)
Bestpractice Yes
Stable Yes
Depends Yes
libc
Phase 2 - Investigation
Rationale Yes
  • Most secure communication mechanisms are based on SSL; these include mail (IMAP/POP/SMTP) and web servers
  • Standard on most major distributions
Upstream Unknown
Need to confirm.
The ChangeLog indicates minor changes in the exported API between successive sub-versions. 0.9.7a -> 0.9.7h shows fewer changes, while 0.9.7h -> 0.9.8 shows deprecated API being removed. The documentation indicates that major API changes will be avoided in the approach to a 1.0.0 release.
Distros Unknown
All distros ship it; we need to contact them.
Versions Unknown
v0.9.7(a|b|d|e) shipped with
  • NLD9 SP2
  • Ubuntu 5.04
  • RHEL 4
  • Suse 9.3Pro
  • RedFlag4.1 SP2 RC1
  • Neoshine 2.0.2 build12
  • Mandriva 10.2
  • Debian/Progeny
Patches Yes
Minor API wrappers, optimisations and, predominantly, distribution-specific scripts.
I18n Unknown
Resources Maybe
Codito has offered resources to deliver the specification.
Still need commitments for other deliverables.
Phase 3 - Implementation
Db No
Spec No
Test Yes
In-built test scaffold available via "make test". OpenSSL comes with an extensive test suite for each algorithm implemented within the libraries. This is especially important because all other applications depend on these algorithms to ensure confidentiality and authenticity.
Devel No
Sample No
Appbat Maybe
Some existing appbat applications, like Apache or Samba, can use SSL; it would need to be turned on.
Notes
Last generated on Thu Jun 22 12:05:53 2006 GMT.