Update release documentation for OQS-OpenSSH snapshot 2024-08 (#171)

open-quantum-safe · Aug 28, 2024 · 4afbf05 · 4afbf05
1 parent b89166e
commit 4afbf05
Show file tree

Hide file tree

Showing 3 changed files with 20 additions and 14 deletions.
diff --git a/README.md b/README.md
@@ -1,14 +1,10 @@
-[![CircleCI](https://circleci.com/gh/open-quantum-safe/openssh/tree/OQS-v8.svg?style=svg)](https://circleci.com/gh/open-quantum-safe/openssh/tree/OQS-v8)
-
 OQS-OpenSSH
 ==================================
 
 [OpenSSH](https://openssh.org/) is an open-source implementation of the Secure Shell protocol.  ([View the original README](https://github.com/open-quantum-safe/openssh-portable/blob/OQS-master/README.original.md).)
 
 OQS-OpenSSH is a fork of OpenSSH that adds quantum-safe key exchange and signature algorithms using [liboqs](https://github.com/open-quantum-safe/liboqs) for prototyping and evaluation purposes. This fork is not endorsed by the OpenSSH project.
 
-THIS PROJECT IS PRESENTLY INACTIVE. CONTRIBUTORS WANTED.
-
 - [Overview](#overview)
 - [Status](#status)
   * [Limitations and Security](#limitations-and-security)
@@ -31,7 +27,7 @@ Both liboqs and this fork are part of the **Open Quantum Safe (OQS) project**, w
 
 ## Status
 
-This fork is currently based on OpenSSH version **8.9** (Git tag V_8_9_P1); release notes can be found [here](RELEASE.md). **IT IS AT AN EXPERIMENTAL STAGE**, and has not received the same level of auditing and analysis that OpenSSH has received. See the [Limitations and Security](#limitations-and-security) section below for more information.
+This fork is currently based on OpenSSH version **9.7** (Git tag V_9_7_P1); release notes can be found [here](RELEASE.md). **IT IS AT AN EXPERIMENTAL STAGE**, and has not received the same level of auditing and analysis that OpenSSH has received. See the [Limitations and Security](#limitations-and-security) section below for more information.
 
 **WE DO NOT RECOMMEND RELYING ON THIS FORK TO PROTECT SENSITIVE DATA.**
 
@@ -225,6 +221,7 @@ Contributors to this fork of OpenSSH include:
 - Douglas Stebila (University of Waterloo)
 - Goutam Tamvada (University of Waterloo)
 - Michael Baentsch
+- Gerardo Ravago (Amazon Web Services)
 
 Contributors to an earlier OQS fork of OpenSSH included:
 

diff --git a/RELEASE.md b/RELEASE.md
@@ -1,4 +1,4 @@
-OQS-OpenSSH snapshot 2023-10
+OQS-OpenSSH snapshot 2024-08
 ============================
 
 About
@@ -13,20 +13,29 @@ The **Open Quantum Safe (OQS) project** has the goal of developing and prototypi
 Release notes
 =============
 
-This is the 2023-10 snapshot release of OQS-OpenSSH, released on October 21, 2023. This release is intended to be used with liboqs version 0.9.0.
+This is the 2024-08 snapshot release of OQS-OpenSSH, released on August 30, 2024. This release is intended to be used with liboqs version 0.10.1.
 
 What's New
 ----------
 
-This is the seventh snapshot release of the OQS fork of OpenSSH.  It is based on OpenSSH 8.9 portable 1.
+This is the eighth snapshot release of the OQS fork of OpenSSH.  It is based on OpenSSH 9.7 portable 1.
 
-- Update algorithm list in line with `liboqs` v0.9.0.
+- Updated fork to track upstream OpenSSH 9.7.
+- Update algorithm list in line with `liboqs` v0.10.1.
+  + Introduces generic support for ML-KEM-IPD, ML-DSA-IPD, SNTRUP, BIKEr4, MAYO, and Falcon (Padded).
+  + Support for ML-KEM and ML-DSA is provided using a `liboqs` alias which will update from the IPD versions to the final FIPS-203 and FIPS-204 standards when they are available in the underlying `liboqs`.
+- Added support for x25519 hybrid key exchange algorithms.
+  + Working interop support for `[email protected]` key exchange.
+  + Working interop support for `[email protected]` key exchange.
+- Support for all ML-KEM based hybrid key exchanges in https://datatracker.ietf.org/doc/draft-kampanakis-curdle-ssh-pq-ke/
+  + `mlkem768nistp256-sha256`, `mlkem1024nistp384-sha384`, `mlkem768x25519-sha256`
+  + For the `0.10.1` release of `liboqs`, these will be backed by the IPD versions of the algorithm.
+- Migrated from CircleCI to Github Actions.
 
 ---
 
 Detailed changelog
 ------------------
 
-* Update IDs to reflect updated McEliece in liboqs v0.9.0 in https://github.com/open-quantum-safe/openssh/pull/148
-
-**Full Changelog**: https://github.com/open-quantum-safe/openssh/compare/OQS-OpenSSH-snapshot-2023-06...OQS-OpenSSH-snapshot-2023-10
+**Full Changelog**: https://github.com/open-quantum-safe/openssh/compare/OQS-v8...b89166ed6ff4eb9af7cbc5dc5c82049ebda388df
+**Full Changelog (Omitting upstream merge): https://github.com/open-quantum-safe/openssh/compare/ac7c26b9e042fae7816eecaba9904e63bb706d12...b89166ed6ff4eb9af7cbc5dc5c82049ebda388df
diff --git a/version.h b/version.h
@@ -1,6 +1,6 @@
 /* $OpenBSD: version.h,v 1.101 2024/03/11 04:59:47 djm Exp $ */
 
-#define SSH_VERSION	"OpenSSH_9.7-2022-01_"
+#define SSH_VERSION	"OpenSSH_9.7-2024-08_"
 
 #define SSH_PORTABLE	"p1"
-#define SSH_RELEASE	SSH_VERSION SSH_PORTABLE ", Open Quantum Safe 2022-08"
+#define SSH_RELEASE	SSH_VERSION SSH_PORTABLE ", Open Quantum Safe 2024-08"