Exciting news in the world of online security! NetApp, an intelligent data infrastructure company, is now a Gold Sponsor of OpenSSL, showing their strong support for making the internet a safer place for everyone.
NetApp’s sponsorship brings valuable resources to OpenSSL, enabling the project to accelerate development, conduct thorough security audits, and ensure ongoing maintenance and support. In return, NetApp gains access to cutting-edge cryptographic technologies, contributing to the enhancement of its own security solutions and reinforcing its position as a leader in data management.
In the fast-paced world of cybersecurity, the ability to secure digital assets is paramount. We’re excited to announce our upcoming webinar, “Getting Started with OpenSSL,” which is designed to provide attendee’s with a solid foundation in using OpenSSL to enhance the security of their applications and systems. Join us for this webinar and learn all about OpenSSL’s purpose, features, and components.
Why Attend?
Empower Yourself: Gain practical skills to implement OpenSSL in your projects.
Community Engagement: Connect with a community of security-conscious individuals.
The OpenSSL project is pleased to announce an update to its FIPS 140-2
certificate #4282. The certificate now validates the FIPS
provider built from the 3.0.8 and 3.0.9 releases.
We are thrilled to announce a major leap forward in our efforts to connect with the community and share valuable insights—OpenSSL now has its own YouTube channel! As a significant milestone in our commitment to transparency, education, and open-source collaboration, this channel will serve as a hub for engaging content, tutorials, and updates straight from the heart of OpenSSL.
What to Expect:
Tutorial Series:
Get ready for in-depth tutorials covering a wide range of topics, from OpenSSL basics to advanced usage scenarios. Whether you’re a seasoned developer or just starting, our tutorials will cater to all skill levels.
We are thrilled to announce a special celebration in honor of OpenSSL’s 25th anniversary! Two and a half decades of commitment to security, reliability, and open-source collaboration have made OpenSSL an indispensable tool in the world of digital communication.
To express our gratitude to the incredible community that has supported us throughout the years, we are hosting an exclusive T-Shirt Giveaway! The first 75 people to participate will receive a limited edition OpenSSL 25th-anniversary T-shirt as a token of our appreciation.
Part two of the OpenSSL Providers Workshop is next week! We have divided the workshop into two tracks the Users Track and the Authors Track. Please join us next week for part two of the workshop: Live OpenSSL Providers Workshop: Authors Track. As with the Users Track, we will be hosting two sessions of the Authors Track at different times to allow people from different time zones to be able to join our workshops live.
The long anticipated OpenSSL Providers Workshop is finally here! We have divided the workshop into two tracks the Users Track and the Authors Track. Please join us next week for part one of the workshop: Live OpenSSL Providers Workshop: Users Track. Due to world wide interest, we will be hosting two sessions of the Users Track at different times to allow people from different time zones to be able to join our workshops live.
We are pleased to announce the immediate availability of OpenSSL 3.2.0. OpenSSL
3.2.0 is the first General Availability release of the OpenSSL 3.2 release line,
and incorporates a number of new features, including:
Client-side QUIC support, including support for multiple streams (RFC 9000)
Certificate compression in TLS (RFC 8879), including support for zlib, zstd
and Brotli
Deterministic ECDSA (RFC 6979)
Support for Ed25519ctx, Ed25519ph and Ed448ph (RFC 8032)
in addition to existing support for Ed25519 and Ed448
AES-GCM-SIV (RFC 8452)
Argon2 (RFC 9106) and supporting thread pool functionality
HPKE (RFC 9180)
The ability to use raw public keys in TLS (RFC 7250)
TCP Fast Open (RFC 7413) support, where supported by the OS
Support for provider-based pluggable signature schemes in TLS,
enabling third-party post-quantum and other algorithm providers to use those
algorithms with TLS
Support for Brainpool curves in TLS 1.3
SM4-XTS
Support for using the Windows system certificate store as a source of trusted
root certificates. This is not yet enabled by default and must be activated
using an environment variable. This is likely to become enabled by default
in a future feature release.
As part of the OpenSSL project’s commitment to deliver a secure and high quality
cryptography toolkit, we routinely apply fuzzing to the OpenSSL codebase, which
searches automatically for potential bugs in upcoming OpenSSL releases. This
fuzzing process runs continuously and on an ongoing basis and as such, bugs can
be identified by our fuzzing infrastructure at any time.
Due to a small number of bugs which have been identified by the ongoing use of
fuzzing, the OpenSSL Project has made the decision to postpone the final release
of OpenSSL 3.2 by at least a week. While we have promptly fixed all bugs
presently identified by fuzzing, to ensure the quality of OpenSSL 3.2, we do not
intend to make the final release until all issues identified by fuzzing have
been addressed and no new issues are found for one week. As a result, we have
pushed the full release of OpenSSL 3.2 to the 23rd November 2023. Please stay
tuned to our blog for more details on the matter.