Closed owen126315 closed 4 months ago
From https://github.com/Mbed-TLS/mbedtls/releases
Mbed TLS 2.28 is a long-time support branch. It will be supported with bug-fixes and security fixes until end of 2024.
So yes, sounds like there should be plans to migrate to the version 3 release.
@steven-bellock sound great!, thanks
Hi @steven-bellock
I'm working on TF-RMM project [1]. And we are in progress of integrating libspdm in RMM to provide SPDM requester side capabilities for Device Assignment use case (Trusted IO). As part of this work we have updated mbedtls in libspdm to use 3.+ version [2]. I recently saw this issue#2709 and am planning to raise a pull request for this issue. Please have a look. Thanks!
[1] https://tf-rmm.readthedocs.io/en/latest/index.html [2] https://review.trustedfirmware.org/c/TF-RMM/tf-rmm/+/28567
@arugan02 , thanks for the work. Assign this to you.
This was completed by #2711.
The mbedtls inside libspdm is version 2.28.1. It is fine for current SPDM implementation. Yet, according to mbedtls 3.0 development plan, upgrade and support for version LTS 2.x will be stopped by mid 2024.
Is there any plan to upgrade it to 3.0+ to make sure the libspdm can get continuous support and bug fix from mbedtls team.
https://lists.trustedfirmware.org/archives/list/mbed-tls-announce@lists.trustedfirmware.org/thread/SB42NEOHUIVVVTPA2H37XXUDVNEGTDRG/[](url)