Blog

OpenSSL is sharing Lightship Security’s latest press release, highlighting the new partnership with the OpenSSL Corporation. Read the full release below:

Lightship Security, an Applus+ Laboratories company and a leading cryptographic security test lab, announces its agreement with the OpenSSL Corporation to provide FIPS 140-3 validation services for the OpenSSL cryptographic library.

Recently NIST published a number of post-quantum algorithm standards (ML-KEM, ML-DSA, and SLH-DSA). With these new NIST publications, OpenSSL is now prepared for implementation.

We’ve recently been receiving a lot of questions about these new standards so we wanted to make our position clear:

Recently, OpenSSL proposed the deprecation of TLS 1.0/1.1 and solicited community feedback on the idea.

Feedback on the proposal was generally split down the middle, with half of the respondents indicating immediate depreciation with near-term removal was acceptable, while the remainder of the respondents with affirmative opinions noted that they represent, or know of products whose environment disallowed updating to TLS1.2 or later, and would need to re-enable the deprecated features for the foreseeable future.

OpenSSL 3.4 alpha 1 has now been made available.

Our Alpha releases are considered feature complete for the release, meaning that between now and the final release, only bug fixes are expected (if any). Notable features of this release are available in CHANGES.md within the source tarball.

Debugging is a crucial aspect of developing and maintaining reliable software. However, debugging can become particularly challenging when applications incorporate diverse and complex components like OpenSSL. This webinar is designed to help you navigate these complexities.

OpenSSL is pleased to announce its participation as a Silver Sponsor at the upcoming International Cryptographic Module Conference (ICMC) 2024, taking place from 18^th to 20^th September. Visit our booth and attend our presentations to discover how we can help each other.

The freeze date for OpenSSL 3.4 Alpha is rapidly approaching.

Alpha freeze approaching

The freeze date for OpenSSL 3.4 Alpha is rapidly approaching. Planned features are viewable on our 3.4 Planning page. If you have a feature on the planning page, please ensure that your associated PRs are posted, reviewed, and merged prior to the freeze date (Friday, Aug 30, 2024), or it will be postponed until the next release.

As part of our ongoing journey, OpenSSL is evolving to provide more opportunities for engagement that more effectively align with our mission statement and promote our values. OpenSSL is implementing various mechanisms to foster greater community involvement and enable our communities to play a key and active role in the decision-making process.