Blog

This is the end of an era for OpenSSL with the last of the original founders of the project passing on the torch to the current leadership of the project for the next phase of its evolution.

At OpenSSL, we’re always learning and taking small steps, informed by both fresh ideas and the feedback we receive. Today, we’d like to share a couple of updates we hope will make things clearer and more collaborative for our community.

These updates are part of our effort to align more closely with, and live by, our Mission and Values.

We recently published our mission statement and values which included that our governance should be transparent. We’ve not really talked much about how we’re financed and where the money goes, so let’s make a start on changing that.

A little background for clarity: The OpenSSL project has two companies, registered in the USA.https://openssl-corporation.org/support/ The first, OpenSSL Software Foundation, is a non-profit organisation that is used to hold the copyrights, trademarks, as well as things like the contributor license agreements (CLA). The second, OpenSSL Software Services, is our commercial entity that provides companies with paid support and other services, and pays our consultants to work on those services as well as development on OpenSSL. The OpenSSL project relies on funding to maintain and improve OpenSSL, and the goal of OpenSSL Software Services is to ensure long term sustainable funding to the project.

UPDATE: Please note this position has been filled.

Job Description

We are seeking a passionate, tech-savvy individual to act as a Community Engagement Leader for the OpenSSL project. The ideal candidate will be responsible for fostering and enhancing connections between various communities around OpenSSL, facilitating fruitful discussions, spreading awareness about the project, and driving engagement and contributions. An essential aspect of this role is alignment with our core values and mission, as we expect these principles to be reflected in your day-to-day professional activities. Beyond community engagement, this role also involves collecting and contributing valuable insights to the project’s roadmap, making it an integral part of the project’s continuous growth and improvement.

This is a remote position with travel required, approximately up to 15% of working time. Given the global nature of the project, we require flexibility in accommodating various time zones outside of conventional business hours. We are seeking candidates located specifically within the Europe and North America.

To apply please send your resume to jobs@openssl.org by 17th August 2023.

Applications will be reviewed on a rolling basis. Only candidates selected for interviews will be contacted.

UPDATE: Please note this position has been filled.

Job Description

We are seeking a dynamic and innovative DevOps Engineer to join our team. This role demands a high level of technical knowledge, leadership skills, and the ability to communicate the state of our infrastructure externally. Furthermore, it’s crucial that you share and uphold our core values and mission in your everyday professional activities. As a critical member of our team, you will drive our continuous integration and deployment efforts, while ensuring that our infrastructure status is transparent and effectively conveyed externally.

This is a remote position. Given the global nature of the project, we require flexibility in accommodating various time zones outside of conventional business hours. In particular, our weekly and daily meetings are generally scheduled within the core hours of 7-11am UTC.

To apply please send your resume to jobs@openssl.org by 17th August 2023.

Applications will be reviewed on a rolling basis. Only candidates selected for interviews will be contacted.

UPDATE: Please note this position has been filled.

Job Description

We are seeking a Software Engineer to join our team. As a Software Engineer at OpenSSL, you will play a vital role in sustaining and evolving the core cryptography and network protocol functionality that enables secure communication across the internet. In addition to your technical contributions, it’s essential that you align with and uphold our core values and mission in your everyday professional activities. Your responsibilities will include resolving issues of support customers, as well as working on the OpenSSL toolkit, contributing to the development, debugging, and maintenance of this crucial open-source resource. Your day-to-day tasks will include analyzing and solving complex software problems, collaborating on the design and implementation of secure solutions, and writing and maintaining detailed technical documentation. Our ideal candidate is someone who is interested in secure communication, has a deep understanding of C programming, and possesses a strong sense of ownership.

This is a remote position. Given the global nature of the project, we require flexibility in accommodating various time zones outside of conventional business hours. In particular, our weekly and daily meetings are generally scheduled within the core hours of 7-11am UTC.

To apply please send your resume to jobs@openssl.org by 17th August 2023.

Applications will be reviewed on a rolling basis. Only candidates selected for interviews will be contacted.

For a meeting last week I wanted to show how much of OpenSSL is being written by people paid to do so by their employers, and how much was from individuals in their own time. And it turns out most of OpenSSL is written by people paid to do so. This is crucial to understanding the critical role that corporations provide to Open Source projects such as OpenSSL.

After extensive feedback from our communities, OpenSSL is pleased to announce that we have formally adopted the Mission and Values Statement, and will now be aligning our activities to support these.

You can view our new Mission and Values Statment here.

We would like to extend our sincere thanks to all those who provided feedback to us. We have reviewed all the comments and responses, which showed that a clear majority (around 70%) agreed on OpenSSL adopting the Mission and Values Statement. It was really beneficial to hear from our various communities and we will continue to seek out your feedback in the future.

OpenSSL 1.1.1 series will reach End of Life (EOL) on 11th September 2023. Users of OpenSSL 1.1.1 should consider their options and plan any actions they might need to take.

The OpenSSL project is pleased to announce that the first of the rebranded FIPS 140-2 certificates, available exclusively to our Premium Support Customers, have been officially issued by the CMVP. With this significant milestone achieved, we anticipate a smooth and ongoing rollout of the remaining and future rebrandings. If your company desires a rebranded FIPS 140-2 validation certificate bearing your organisation’s name, obtaining one is a straightforward task: simply secure a premium support contract with the project and ask for a rebranded certificate.