ICMC 2025: Advancing Cryptographic Assurance Through Collaboration

The ICMC 2025 gathering in Toronto brought together practitioners committed to advancing and maintaining cryptographic assurance through evolving standards and practices. OpenSSL Corporation participated as a Gold Sponsor, reinforcing our commitment to standards-based assurance.

Preparing for the Post-Quantum Era: OpenSSL 3.5 and Standards Alignment

At ICMC 2025, we released OpenSSL 3.5, which includes early support for Post-Quantum Cryptography (PQC). While the transition to quantum-safe algorithms will take time, this release lays essential groundwork to provide the global community with open, secure, and standards-aligned tools that can be deployed with confidence.

Sharing Lessons, Inviting Discussion

Tomas Vavra and Tim Hudson delivered well-attended talks that invited thoughtful discussion.

In PQC in the OpenSSL Library, Engineering Manager Tomas Vavra outlined how the OpenSSL Library is aligning with emerging standards such as FIPS 203, 204, and 205. He detailed the PQC features in OpenSSL 3.5 and outlined key decision points for organizations preparing for quantum-resilient implementations.

Tim Hudson, OpenSSL Corporation President, delivered the OpenSSL Project Roadmap, outlining key development priorities, including QUIC server readiness, PQC implementation, FIPS 140-3 certification, and future release planning. He emhasized the importance of balancing adoption with assurance and anchoring innovation in long-term stability.

These sessions, and the broader ICMC dialogue, highlighted a shared understanding: advancing secure infrastructure demands both technical expertise and clear community direction.

Marking a Milestone: FIPS 140-3 Certificate Ceremony

As part of our FIPS 140-3 validation work, we participated in the official FIPS 140-3 certificate ceremony. It represents a formal recognition of the compliance rigor required to meet FIPS 140-3 standards.

In Collaboration: Lightship Security, the OpenSSL Foundation, and Academic Perspective

The OpenSSL Corporation also engaged with key contributors and collaborators across industry and academia. Our discussions with Lightship Security centered on shared priorities — particularly around assurance, standards alignment, and the path to validation.

It was equally valuable to spend time with our colleagues from the OpenSSL Foundation – Amy Parker and Tomas Mraz, as well as Nicola Tuveri, who represents the academic voice on the OpenSSL Foundation’s Business Advisory Committee (BAC).

The OpenSSL Conference: Call for Contributors

The OpenSSL Conference, taking place on October 7 – 9, 2025, has received encouraging support from across the community — a sign of shared interest in advancing the future of cryptographic infrastructure.

With the Call for Papers now open, we invite contributions from across our communities — including academic, industry, and open-source — that offer clarity, depth, and perspective shaped by experience.

Talks may align with one of the conference’s four key tracks:

• Security & Assurance: Implementation guidance, threat modeling, certification, and operational security.

• Standards & Protocols: Current and emerging cryptographic standards and their role in modern infrastructure.

• OpenSSL & Open Source: Practical experience, contributions, and case studies using the OpenSSL Library.

• Community & Governance: Perspectives on sustainability, transparency, and responsible stewardship of open-source cryptographic tools.

Whether your expertise lies in post-quantum transitions, implementation challenges, policy alignment, or community design — we welcome proposals that contribute technical insight, implementation experience, and policy alignment. This is an opportunity to share research and operational insights that advance the resilience of open cryptographic systems.

We thank all who took the time to engage with us at ICMC 2025 — and we look forward to the conversations still to come.