The OpenSSL Foundation is pleased to share its Annual Report for fiscal year 2024, covering the period of August 1, 2023 through July 31, 2024. This public document is a first for the Foundation, reflecting a renewed commitment to transparency with our communities and the sponsors and donors whose contributions provide critical financial support.
One year ago, we celebrated the 25th anniversary of OpenSSL, marking the release of version 0.9.1c on December 23, 1998, and it seemed fitting to share this Annual Report today, on OpenSSL’s 26th birthday. So much has changed over those 26 years, but our reliance on our community of committers, contributors, and funders has not. We greatly appreciate the many contributions of many types that keep OpenSSL strong and secure and hope you enjoy reading about all that we achieved together.
As previously communicated the recent election for the Distributions seat on the
Foundation BAC resulted in a tie between Dmitry Belyavsky (Red Hat) and John
Haxby (Oracle). As a result we will be re-running this election in early January
with just these two candidates. Voting will open on 3rd January 2025 and will
close on 10th January 2025.
The “Distributions” community includes maintainers of operating systems or
significant packages that integrate OpenSSL Foundation and OpenSSL Corporation
projects. If you are involved in an OpenSSL distribution then we encourage you
to sign up to the
community and vote in the second round of the election in January.
Upon certification of the election results by the Election Committee, the OpenSSL Foundation and the OpenSSL Corporation are pleased to announce the official results of the Business Advisory Committee (BAC) elections. After a thorough nomination and voting process, the OpenSSL community has selected a group of distinguished individuals to provide guidance and advice to OpenSSL.
Newly Elected Members
The following candidates have been elected to serve on the Business Advisory Committee:
The OpenSSL Foundation is pleased to announce that we are reopening the opportunity for individuals to financially support our work through donations on Github Sponsors. Individual contributions of time, expertise, and financial support have always been critical to our ability to keep improving the OpenSSL software library, and we are excited to once again welcome financial contributions at all levels.
Thank you to everyone who registered, as well as those who took the extra step to nominate candidates, for the Business Advisory Committees of the OpenSSL Foundation and OpenSSL Corporation. We are now at the final step - voting - which is essential to complete the process.
Start Date: December 5, 2024 Deadline for Voting: December 15, 2024 11:59pm Pacific Time (US/ Canada)
Election Committee
The Election Committee is composed of the directors of the OpenSSL Foundation and the OpenSSL Corporation. This marks the first inaugural Election Committee, tasked with overseeing and managing the election processes across various communities. The committee is dedicated to ensuring that voting is conducted fairly, transparently, and in alignment with the established rules and procedures.
Thank you to everyone who attended our Q&A sessions about the formation of Business Advisory Committees. We received valuable input from our communities, including requests to allow more time for nominations.
We have heard you, and we would like to announce that:
The nomination period has been extended until Wednesday, December 4, 2024.
The election period starts on Thursday, December 5, 2024 and ends on Sunday, December 15, 2024. You can change your vote up to the end of the election period.
This extension provides additional time to ensure everyone has the opportunity to nominate the individuals who can best represent the community’ s view and needs.
Are you looking to deepen your understanding of X.509 keys and certificates or sharpen your command-line skills?
Join us for a comprehensive webinar on X.509 certificate management led by Viktor Dukhovni, an OpenSSL Software Engineer. This session covers essential concepts and hands-on techniques using OpenSSL’s command-line tools.
The OpenSSL Foundation (primarily focused on non-commercial communities) and the OpenSSL Corporation (primarily focused on commercial communities) are pleased to announce the formation of Business Advisory Committees (BAC), inviting our communities - Distributions, Committers, Small Businesses, Large Businesses, Individuals, and Academics - to actively engage in shaping the future of OpenSSL. These advisory bodies are critical in enhancing our governance structure, ensuring that the decisions reflect the diverse stakeholders involved and that our Mission and Values stay aligned with the community’s needs.
The final release of OpenSSL 3.4 is now live. We would like to thank all those who contributed to the OpenSSL 3.4 release, without whom OpenSSL would not be possible.
OpenSSL delivers the following significant new features:
Support for Integrity only cipher suites (RFC 9150)
JITTER RNG support via statically linked jitterentropy library
RFC 5755 Attribute Certificate support
FIPS indicators in support of FIPS 140-3 validation
Improved Base64 BIO input handling and error reporting
XOF Digest size reporting improvements
Windows Registry key-based directory lookup
Support for several X509v3 extensions
Support for position independent executables in the openssl app to support address space layout randomization
Please see the CHANGES.md file in the release for a full list of changes since OpenSSL 3.3