From 9246550551d6e2217a23578f2aacd2301a730f14 Mon Sep 17 00:00:00 2001
From: Rodolphe Breard <rodolphe@what.tf>
Date: Mon, 17 Aug 2020 16:58:00 +0200
Subject: [PATCH] Update the CONTRIBUTING.md file

rel #2 and #33
---
 CONTRIBUTING.md | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index e11a730..0d97b11 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -13,9 +13,19 @@ Since the author is not a native English speaker, some of the texts used in this
 
 ## Work on dependencies
 
+### botan and botan-sys
+
+Although Botan isn't a dependency, it is considered for the replacement of OpenSSL as the default cryptographic API (although OpenSSL will be kept as an alternative). But before this can be done, the Botan crate need to support a few features:
+
+- Access to a certificate's expiration time (via `botan_sys::botan_x509_cert_get_time_expires`).
+- Access to a certificate's subject's alt names.
+- Self-signed certificate generation (via `botan_sys::botan_x509_cert_gen_selfsigned`).
+- CSR (requires to add bindings to [create_cert_req](https://botan.randombit.net/handbook/api_ref/x509.html#creating-pkcs-10-requests)) with DER export.
+
+
 ### attohttpc
 
-Although `attohttpc` is not currently a dependency, it may replace `reqwest` which is far too big and drags a lot of dependencies. But before this could be done, it needs to allow [new root certificates to be added](https://github.com/sbstp/attohttpc/issues/71).
+Add an optional Botan support as the cryptographic library.
 
 ### rust-openssl