The OpenSSL Project is excited to announce that OpenSSL 3.2 is expected to be fully released on 16th November, 2023.
In the meantime the OpenSSL 3.2 Beta is currently available. We encourage all OpenSSL users to build and test against the beta release and provide feedback.
OpenSSL 3.2 will be our last release before we transition to a time-based release schedule on a 6-month cadence, with regular feature releases in October and April each year.
The OpenSSL Project is excited to announce our first beta release of OpenSSL 3.2. We consider this to be a release candidate and as such encourage all OpenSSL users to build and test against this beta release and provide feedback.
The code for OpenSSL 3.2 is now functionally complete and at the time of the beta release there were no outstanding known regressions that need to be fixed before the final release. A lot of work has been going on over the last few months getting OpenSSL 3.2 ready for its final release and we want to send thanks to everyone who has helped us.
Raw Public Keys have emerged as a component for securing communications between clients and servers. Raw Public Keys, as defined in RFC 7250, play a role in ensuring the confidentiality, integrity, and authenticity of data exchanged over the web. As a result OpenSSL will be adding support for Raw Public Keys in the upcoming OpenSSL 3.2.
Raw Public Keys are a cryptographic mechanism used in public key infrastructure (PKI) systems. They are a way of representing a public key without the associated digital certificate, which contains additional information like the owner’s identity, expiration date, and digital signatures from a certificate authority. This makes Raw Public Keys more lightweight and efficient, especially in resource-constrained environments.
The upcoming OpenSSL 3.2 will be implementing Hybrid Public Key Encryption (HPKE) into the library.
Hybrid Public Key Encryption (HPKE) is a cryptographic protocol defined in RFC 9180 (Request for Comments) that aims to provide a flexible and secure way to perform public key encryption in various scenarios. HPKE combines the security of public key encryption with the flexibility of using different key exchange methods and encryption schemes. This protocol is designed to be used in a wide range of applications, including securing communications over the internet and other networked environments.
Implementing HPKE in OpenSSL will help ensure that your public key encryption solution is both effective and reliable for securing data in various applications and environments for the following reasons:
In the ever-evolving landscape of cybersecurity, staying ahead of potential threats is crucial. The OpenSSL project has been at the forefront of cryptographic security for decades, providing a robust toolkit that enables encryption, decryption, and other cryptographic functions. In the continuous pursuit of enhancing security and regulatory compliance, we want to share our updated ambitious FIPS (Federal Information Processing Standards) plans.
We will be releasing a series of new tutorials in the upcoming OpenSSL 3.2 release to help new users of OpenSSL get a quick start on developing applications using the OpenSSL libraries. They will also be helpful to users wanting to try out the new client side QUIC capabilities.
OpenSSL 3.2 Alpha 2 has recently been released.
Please see our previous blog post for a list of all of the exciting new features that are contained in the upcoming 3.2 release.
OpenSSL 1.1.1 series has reached its End of Life (EOL). As such it will no longer receive publicly available security fixes.
We are pleased to announce the immediate availability of OpenSSL 3.2 Alpha 1. This release incorporates a number of new features, most notably:
OpenSSL is pleased to announce the imminent release of OpenSSL 3.2 Alpha 1 on the 7th September 2023.
As this will be an alpha release, it is intended for development and testing purposes. It represents the first step in our planned release of OpenSSL 3.2.
Depending on the outcome of the alpha process, we hope to make a beta release as soon as two weeks after Alpha 1 is released. When we do move to beta, this will represent a feature freeze. Therefore, no new feature PRs will be accepted into the 3.2 branch after this.