Switch up the roadmap

TLS v1.3 is specified and final, whereas the PAKEs and PQ schemes
are still in flux.

1 files changed, 23 insertions, 37 deletions

diff --git a/doc/roadmap.rst b/doc/roadmap.rst
index c5a25c3df..ab73e0e87 100644
--- a/doc/roadmap.rst
+++ b/doc/roadmap.rst
@@ -6,7 +6,7 @@ Near Term Plans
 ----------------------------------------
 
 Here is an outline for the development plans over the next 12-18 months, as of
-April 2019.
+June 2019.
 
 TLS Hardening/Testing
 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
@@ -20,49 +20,35 @@ Expose TLS at FFI layer
 
 Exposing TLS to C would allow for many new applications to make use of Botan.
 
-Post-Quantum CCA2 Encryption
-^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+TLS v1.3
+^^^^^^^^^^^^^^^
 
-Which scheme(s) to implement is open to question. HRSS is one possiblity.
-But providing at least one PQ-secure CCA2 encryption scheme would be very
-useful for TLS, PGP, and other protocols.
+A complete implementation of TLS v1.3 is planned. DTLS v1.3 may or may not be
+supported as well.
 
-Password Authenticated Key Exchanges
-^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-
-Adding support for modern PAKE algorithms (such as SPAKE2+ or OPAQUE),
-including encrypted database backed storage for verifiers.
-
-Elliptic Curve Pairings
-^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-
-These are useful in many interesting protocols. Initially BN curves are the main
-target (particularly BN-256 for compatibility with Go's bn256 module) but likely
-we'll also want BLS curves.
+Botan 3.x
+----------------------------------------
 
-And possibly some functionality built on top of pairings, such as identity based
-encryption.
+Botan 3 is currently planned for release in mid 2020. Botan 2 will remain
+supported for several years, to allow time for applications to switch over.
 
-ASN.1 Redesign
-^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+This version will adopt C++17 and use new std types such as string_view,
+optional, and any, along with adopting memory span and guarded integer
+types. All deprecated features/APIs of 2.x (which notably includes TLS v1.0/v1.1
+support) will be removed. Beyond explicitly deprecated functionality, there
+should be no breaking API changes in the transition to 3.x
 
-Design and build a new ASN.1 encoding/decoding library which is easier to use
-and more efficient (fewer memory copies, etc). For at least 2.x this new ASN.1
-code will exist in parallel with the existing library to avoid breaking applications.
+Features currently targetted for Botan 3 include
 
-Longer View (Future Major Release)
-----------------------------------------
+* New post-quantum algorithms: especially a CCA2 secure encryption scheme and a
+  lattice-based signature scheme are of interest.
 
-Eventually (currently estimated for mid 2020), Botan 3.x will be released.
-This schedule allows some substantial time with Botan 2.x and 3.x supported
-simultaneously, to allow for application switch over.
+* Password Authenticated Key Exchanges: one or more modern PAKEs
+  (such as SPAKE2+ or OPAQUE) to replace SRP.
 
-This version will adopt C++17 and use new std types such as string_view,
-optional, and any, along with adopting memory span and guarded integer
-types.
+* Elliptic Curve Pairings: useful in many interesting protocols.
+  BN-256 and BLS12-381 seem the most likely.
 
-In this future 3.x release, all deprecated features/APIs of 2.x (which notably
-includes TLS v1.0/v1.1 support) will be removed. Beyond explicitly deprecated
-functionality, there should be no breaking API changes in the transition to 3.x
+* New ASN.1 library
 
-Botan 3.x will likely be the first version to support TLS 1.3.
+Some of these features may end being backported to Botan 2 as well.