This is a tentative list of things considered for inclusion in the 0.24 release.

• reduce bifurcation of library internals by using low-level API in high-level API #1723
• Asynchronous calls to user-provided code #850
  • Poll-based encrypt/decrypt/sign API support in asynchronous and synchronous call #1976
  • Async code in ProducesTickets implementation #1808
  • Support asynchronous cryptographic accelerators under Linux #1033
• Add kernel connection API #2370
• Convey client ALPN protocols in ClientConnection::new() instead of via ClientConfig #2260
• Server-side Encrypted Client Hello (ECH) support #1980
• QUIC support for Acceptor #1218
• Specify ciphersuites for TLS 1.2 and TLS 1.3 separately #1659
• Consider a process default server certificate verifier #1821
• Review whether we should ship first-party crypto providers #2395
• Review API impact of global/mutually exclusive features #2396
• Evolution of state machine representations #2397
• export_keying_material() API doesn't conform with TLS 1.3 recommendations #945
• Evaluate whether CryptoProvider should become a trait #2401
• Audit public enums for exhaustivity #2398
• Audit public struct types for exhaustivity #2399
• Consider implementing Drop for every public type #2446

API tweaks to make:

• Pass ClientHello by reference to ResolvesServerCert #1908
• Clean up crate feature naming #1961
• Generalize error return from TicketSwitcher generator fn #2074
• Reevaluate additions to traits with default implementations #2119
• Reduce number of obsolete variants in CipherSuite enum #2171
• FIPS: allow more detailed reporting of approval status #2309
• Drop PacketKey::*_for_path() default implementations #2315
• Consider dropping support for QUIC drafts #2378