blob: ab73e0e87152288d819231db6810c92211022e60 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
|
Development Roadmap
========================================
Near Term Plans
----------------------------------------
Here is an outline for the development plans over the next 12-18 months, as of
June 2019.
TLS Hardening/Testing
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Leverage TLS-Attacker better, for example using custom workflows. Add tests
using BoringSSL's hacked Go TLS stack. Add interop testing with OpenSSL as part
of CI. Improve fuzzer coverage.
Expose TLS at FFI layer
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Exposing TLS to C would allow for many new applications to make use of Botan.
TLS v1.3
^^^^^^^^^^^^^^^
A complete implementation of TLS v1.3 is planned. DTLS v1.3 may or may not be
supported as well.
Botan 3.x
----------------------------------------
Botan 3 is currently planned for release in mid 2020. Botan 2 will remain
supported for several years, to allow time for applications to switch over.
This version will adopt C++17 and use new std types such as string_view,
optional, and any, along with adopting memory span and guarded integer
types. All deprecated features/APIs of 2.x (which notably includes TLS v1.0/v1.1
support) will be removed. Beyond explicitly deprecated functionality, there
should be no breaking API changes in the transition to 3.x
Features currently targetted for Botan 3 include
* New post-quantum algorithms: especially a CCA2 secure encryption scheme and a
lattice-based signature scheme are of interest.
* Password Authenticated Key Exchanges: one or more modern PAKEs
(such as SPAKE2+ or OPAQUE) to replace SRP.
* Elliptic Curve Pairings: useful in many interesting protocols.
BN-256 and BLS12-381 seem the most likely.
* New ASN.1 library
Some of these features may end being backported to Botan 2 as well.
|
