On March 24 and 25, 2025, we hosted two live Q&A sessions to discuss the formation and role of the new Technical Advisory Committees (TACs) concerning the OpenSSL Library. These sessions featured:
Tim Hudson, President of the OpenSSL Corporation (Session 1)
Matt Caswell, President of the OpenSSL Foundation (Sessions 1 and 2)
Anton Arapov, Operations Director of the OpenSSL Corporation (Session 2)
Hana Andersen, Marcom Manager of the OpenSSL Corporation (both sessions)
Moderated by Kajal Sapkota
These interactive webinars offered our community the opportunity to ask questions and better understand the purpose and structure of the TACs.
The OpenSSL Project is pleased to announce that OpenSSL 3.5 Beta1 pre-release is released and adding significant new functionality to
the OpenSSL Library.
Thank you to everyone who registered and to those who went the extra mile to nominate candidates for the Technical Advisory Committees of the OpenSSL Corporation and OpenSSL Foundation.
The OpenSSL Corporation (primarily focused on commercial communities) and the OpenSSL Foundation (primarily focused on non-commercial communities) are pleased to announce the formation of the Technical Advisory Committees (TACs) to provide expert guidance and strategic direction for our technical initiatives. This marks a significant milestone, and we need dedicated individuals to help shape their future.
The OpenSSL Project is pleased to announce that OpenSSL 3.5 Alpha1 pre-release is released and adding significant new functionality to
OpenSSL Library.
The OpenSSL Corporation is pleased to announce that OpenSSL version 3.1.2 has achieved FIPS 140-3 validation, signifying its compliance with the rigorous cryptographic module security requirements set forth by the National Institute of Standards and Technology (NIST). This accomplishment marks a significant milestone in reinforcing trusted, standards-based encryption for organizations operating in regulated environments, including government agencies, healthcare institutions, and financial services.
The OpenSSL Project is announcing the upcoming release of OpenSSL 3.5 Alpha,
scheduled for March 11, 2025. As a result, the repository will be frozen before the release on March 6, 2025.
We are pleased to announce that OpenSSL
3.5
will be the next long term stable (LTS) release. Per OpenSSL’s LTS
policy,
3.5 will be supported until April 8, 2030.
The previous LTS (OpenSSL 3.0)
will continue to be fully supported until September 7, 2025 and
receive security fixes until September 7, 2026. Projects that
currently depend on 3.0 are strongly encouraged to switch to OpenSSL
3.5 once it has been released.
In addition, the OpenSSL Corporation and Foundation have agreed to
designate an LTS every two years. That means there will be an LTS
release in April of 2027, another in 2029, and so on. As always, each
LTS will be supported for 5 years with the final year’s support being
security patches only. For more information, please see the OpenSSL
Library Roadmap.
We’re introducing a streamlined process for deciding which new features make it into each OpenSSL Library release. This involves two layers of readiness checks—technical and business—to help ensure features are both technically sound and well-aligned with the broader needs of the communities. For OpenSSL 3.5, the OpenSSL Technical Committee (OTC) has advised on technical readiness, and the Business Advisory Committee has advised on business readiness.
The go/no-go decisions ensure we merge well-vetted features into the main codebase for OpenSSL 3.5, complementing OpenSSL Library’s existing review process.
The freeze date for OpenSSL 3.5 Alpha is rapidly approaching. If you have a feature on the planning page, please ensure that your associated PRs are posted, reviewed, and ready to be merged before the include/exclude decision date (Tuesday, February 11, 2025) and merged before the repository freeze date (Tuesday, February 25, 2025). Otherwise, the feature will be postponed until the next release.
Important dates
Feature branches include/exclude decision date: February 11, 2025
Feature branches merge: February 18, 2025
Repository freeze date: February 25, 2025
Alpha release date: March 11, 2025
Beta release date: March 25, 2025
Release date: April 8, 2025
Current highlights of the feature list planned for 3.5 include:
QUIC server - QUIC (RFC 9000 - Quick UDP Internet Connections) is a protocol intended to deliver faster, secure communication for Internet applications. Standardized as RFC 9000, QUIC operates over UDP.
ML-KEM - Module Lattice Based Key Encapsulation Mechanism (FIPS 203), a post-quantum cryptography algorithm for key encapsulation for secure key exchange.
ML-DSA - Module Lattice Based Digital Signature Algorithm (FIPS 204), a post-quantum cryptography algorithm for signature generation and verification for proof of authenticity and non-repudiation.
SLH-DSA - Stateless Hash Based Digital Signature Algorithm (FIPS 205), a post-quantum cryptography algorithm for signature generation and verification for proof of authenticity and non-repudiation.
If you have any questions or comments regarding the OpenSSL 3.5 release contact us at feedback@openssl.org.
