OpenSSL is hiring Communities Manager
Please note that we are no longer accepting new applications for this position.
OpenSSL is hiring for a Communities Manager to join our team.
Blog
Introducing Amy Parker
OpenSSL welcomes Amy Parker as the newest member of the OpenSSL Foundation team. Amy joins us in the newly created position of Chief Funding Officer, a fundraising role focused on revenue generation through corporate sponsorship and other charitable/non-commercial contributions. Funds raised will help the Foundation continue to deliver on its mission of providing security and privacy tools to everyone, everywhere.
A strategic leader with more than twenty years of senior-level fundraising experience, Amy has worked for prestigious educational and cultural institutions including the Wikimedia Foundation, Smithsonian Institution, The New York Public Library, and the University of North Carolina at Chapel Hill. She has been part of several record-setting fundraising campaigns, including the Smithsonian’s first-ever comprehensive campaign, which raised over $1.8 billion, and the $2 billion Carolina First Campaign, which was one of the 5 largest campaigns in US higher education at the time.
OpenSSL 3.4 beta released
OpenSSL 3.4 beta 1 has now been made available.
Our beta releases are considered feature complete for the release, meaning that between now and the final release, only bug fixes are expected (if any). Notable features of this release are available in NEWS.md within the source tarball.
Beta releases are provided to our communities for testing and feedback purposes. If you use OpenSSL, and particularly if you intend to upgrade to OpenSSL 3.4 when it is released, we strongly encourage you to download this beta release, and test it within whatever quality control mechanisms you have, providing feedback via our GitHub issue page at http://github.com/openssl/openssl/issues, so that we can address any shortcomings prior to the final release
OpenSSL Corporation's Silver Sponsorship at ICMC 2024 - A Retrospective
OpenSSL Corporation’s participation as a Silver Sponsor at the International Cryptographic Module Conference (ICMC) 18th - 20th September 2024 marked an important milestone in our continued commitment to advancing cryptographic technologies. As a critical player in secure communication, OpenSSL’s involvement highlighted our dedication to fostering collaboration, innovation, and security within the cryptographic community.
ICMC 2024 provided a valuable platform for industry leaders to engage in key discussions surrounding cryptographic standards, challenges, and innovations. Through our sponsorship, OpenSSL contributed to critical dialogues on post-quantum cryptography, regulatory compliance, and developing secure, open-source cryptographic solutions.
Lightship Security Partnership with OpenSSL
OpenSSL is sharing Lightship Security’s latest press release, highlighting the new partnership with the OpenSSL Corporation. Read the full release below:
Lightship Security, an Applus+ Laboratories company and a leading cryptographic security test lab, announces its agreement with the OpenSSL Corporation to provide FIPS 140-3 validation services for the OpenSSL cryptographic library.
The OpenSSL Corporation provides commercial support for users of the OpenSSL Library, a critical component of secure communications in enterprise technologies.
Performance benchmarks dashboard
We would like to announce the release of the OpenSSL Performance Benchmarks Dashboard, designed to track the impact of code changes on performance. The key focus of this dashboard is relative performance so we can assess how various code modifications affect OpenSSL’s performance across versions. This helps ensure that we’re aware of any potential performance impacts in advance, allowing us to maintain or improve efficiency with each update.
You can explore the dashboard here: OpenSSL Performance Benchmarks Dashboard. Additionally, it can be conveniently accessed from the main menu of this site under the “Resources” section.
Post-Quantum Algorithms in OpenSSL
Recently NIST published a number of post-quantum algorithm standards (ML-KEM, ML-DSA, and SLH-DSA). With these new NIST publications, OpenSSL is now prepared for implementation.
We’ve recently been receiving a lot of questions about these new standards so we wanted to make our position clear:
- We intend to implement support for these algorithms in our providers in a future version of OpenSSL
- We are currently putting together our project plans for this, stay tuned for more information regarding timeline
- We invite qualified and skilled individuals to help us implement these algorithms and integrate them into OpenSSL in accordance with our standards and policies.
From early 2022 a research project made available a test vehicle enabling TLS1.3 and X.509 support for many pre-standard and other experimental post-quantum algorithms via the OpenSSL provider interface, called oqs-provider. Its primary author and maintainer (Michael Baentsch) has now joined the OpenSSL team with the goal to support an efficient, secure, smooth and seamless integration of the now standardised post-quantum algorithms from NIST into the OpenSSL code base. Many lessons learnt from the process of building and integrating oqs-provider into downstream applications will be applied to this process.
OpenSSL 3.4 alpha released
OpenSSL 3.4 alpha 1 has now been made available.
Our Alpha releases are considered feature complete for the release, meaning that between now and the final release, only bug fixes are expected (if any). Notable features of this release are available in CHANGES.md within the source tarball.
Alpha releases are provided to our communities for testing and feedback purposes. If you use OpenSSL, and particularly if you intend to upgrade to OpenSSL 3.4 when it is released, we strongly encourage you to download this alpha release, and test it within whatever quality control mechanisms you have, providing feedback via our GitHub issue page at http://github.com/openssl/openssl/issues, so that we can address any shortcomings prior to the final release
OpenSSL considering TLS 1.0/1.1 deprecation
Recently, OpenSSL proposed the deprecation of TLS 1.0/1.1 and solicited community feedback on the idea.
Feedback on the proposal was generally split down the middle, with half of the respondents indicating immediate depreciation with near-term removal was acceptable, while the remainder of the respondents with affirmative opinions noted that they represent, or know of products whose environment disallowed updating to TLS1.2 or later, and would need to re-enable the deprecated features for the foreseeable future.
Join Our Webinar on Debugging OpenSSL Applications
Debugging is a crucial aspect of developing and maintaining reliable software. However, debugging can become particularly challenging when applications incorporate diverse and complex components like OpenSSL. This webinar is designed to help you navigate these complexities.
Webinar Details:
Date: September 11, 2024
Time: 09:00 AM Pacific Time (US and Canada)
Platform: Zoom
Topic: Debugging OpenSSL Applications
Registration Link: Click here to register
What to Expect:
- Internal Debugging Tools: Learn about the facilities OpenSSL provides to help you gain visibility into its internal behavior, allowing for more effective troubleshooting.
- External Diagnostic Tools: Explore additional tools that can be integrated with OpenSSL to diagnose and resolve more intricate issues.
For professionals dealing with OpenSSL, mastering these debugging techniques is essential to ensuring the stability and security of their applications.