The election for the OpenSSL Corporation Board of Directors has now concluded. All eligible members have cast their votes, and it is confirmed that Tim Hudson has been reelected to the Board for a 3-year term.
A 2-year seat, vacated by Hugo Landau’s resignation.
We extend our gratitude to all nominees for their willingness to serve, as well as to the Members who participated and cast votes in support of our mission.
At the OpenSSL Corporation, we understand the value of collaboration, and while remote work keeps us connected, nothing beats the energy of meeting in person. That’s why we gather for face-to-face (F2F) meetings three to four times a year, bringing together team members from across the globe.
Our recent F2F meeting was the opportunity to reconnect not just with each other but also with our colleagues from the OpenSSL Foundation. With employees spread across seven locations and three continents, these gatherings allow us to put faces to names, share ideas more dynamically, and build the trust that is essential for collaboration.
We are pleased to present the OpenSSL Corporation Annual Report 2024, offering a comprehensive overview of our progress, key developments, and strategic initiatives throughout fiscal year 2024.
Report Highlights
Financial Summary – A transparent review of revenue, expenditures, and resource allocation.
Project Developments – Key feature releases, security updates, and enhancements to OpenSSL Library’s cryptographic capabilities.
Community & Partnerships – Recognition of contributors, collaborations, and the global impact of the OpenSSL Library.
Future Outlook – Upcoming initiatives for 2025 and beyond.
Download the Report
The OpenSSL Corporation Annual Report 2024 is now available for download. Access your copy here.
OpenSSL’s FIPS 140-3 module has progressed from the “Review Pending” phase to the “Coordination” phase on the NIST CMVP Modules-In-Process list. This change signifies that the National Institute of Standards and Technology (NIST) and the Canadian Centre for Cyber Security (CCCS) have completed their initial examination of the module and are now collaborating with the OpenSSL team and the accredited testing laboratory on any remaining clarifications before final certification.
FIPS 140 (Federal Information Processing Standard Publication 140) is a U.S. government standard that defines the security requirements for cryptographic modules. Specifically, it ensures that these modules meet certain cryptographic and operational requirements to protect sensitive data and communications.
On January 13, 2025, OpenSSL Corporation hosted its inaugural Business Advisory Committee (BAC) meeting, marking a significant milestone in the project’s evolution towards enhanced community engagement and transparency. This kickoff meeting brought together key stakeholders to discuss the committee’s structure, purpose, and path forward.
Participants
OpenSSL Corporation
Anton Arapov
Tim Hudson
Katerina Micova
Advisory Committee Members
Billy Brumley (RIT) – Academics
Paul Dale (Oracle) – Committers
Jaroslav Reznik (Red Hat) – Distributions
Randall Becker - Individuals
Jeff Johnson (Cisco) – Large Business
James Bourne (FireDaemon Technologies) – Small Business
Meeting Highlights
Governance and Structure
The committee was presented with OpenSSL’s new governance model, effective from March 2024. This model introduces Business and Technical Advisory Committees to strengthen community involvement, incorporate the perspectives of our communities, and ensure informed and transparent decision-making to better serve our Mission.
The anticipated future arrival of cryptographically relevant quantum computers (CRQCs),
that could undermine the algorithms that underlie the currently most widely used public key algorithms (ECDHE, ECDSA, DH and RSA),
has led to the development and recent standardisation of new “post-quantum” (PQ) algorithms, that are believed to not be vulnerable to CRQC attack.
Two of the first algorithms standardized are ML-KEM (for key agreement) and ML-DSA (for digital signatures).
These algorithms are standardized by NIST in FIPS 203 and FIPS 204. These define the algorithm parameters and how to correctly
perform the necessary mathematical operations, but do not define such details as data formats for public and private keys.
Those details were left to other standards organisations, such as the IETF.
Upon certification of the election results by the Election Committee, the OpenSSL Foundation and the OpenSSL Corporation are pleased to announce the official results of the Business Advisory Committee (BAC) elections. After a thorough nomination and voting process, the OpenSSL community has selected a group of distinguished individuals to provide guidance and advice to OpenSSL.
Newly Elected Members
The following candidates have been elected to serve on the Business Advisory Committee:
Thank you to everyone who registered, as well as those who took the extra step to nominate candidates, for the Business Advisory Committees of the OpenSSL Foundation and OpenSSL Corporation. We are now at the final step - voting - which is essential to complete the process.
Start Date: December 5, 2024 Deadline for Voting: December 15, 2024 11:59pm Pacific Time (US/ Canada)
Election Committee
The Election Committee is composed of the directors of the OpenSSL Foundation and the OpenSSL Corporation. This marks the first inaugural Election Committee, tasked with overseeing and managing the election processes across various communities. The committee is dedicated to ensuring that voting is conducted fairly, transparently, and in alignment with the established rules and procedures.
Thank you to everyone who attended our Q&A sessions about the formation of Business Advisory Committees. We received valuable input from our communities, including requests to allow more time for nominations.
We have heard you, and we would like to announce that:
The nomination period has been extended until Wednesday, December 4, 2024.
The election period starts on Thursday, December 5, 2024 and ends on Sunday, December 15, 2024. You can change your vote up to the end of the election period.
This extension provides additional time to ensure everyone has the opportunity to nominate the individuals who can best represent the community’ s view and needs.