Blog

The OpenSSL Management Committee on behalf of the OpenSSL Project is pleased to announce that the OpenSSL 3.0 FIPS Provider has had its FIPS 140-2 validation certificate issued by NIST & CSE.

UPDATE: Please note this position has been filled.

The OpenSSL Management Committee are looking to hire a full time Platform Engineer. This is a sysadmin role. Details of the roles follow.

To apply please send your cover letter and resume to jobs@openssl.org by 17th June 2022.

UPDATE: Please note this position has been filled.

The OpenSSL Management Committee are looking to hire a full time Business Operations Administrator. Details of the role follow.

To apply please send your cover letter and resume to jobs@openssl.org by 6th June 2022.

UPDATE: Please note these positions have been filled.

The OpenSSL Management Committee are looking to hire a full time Developer and a full time Manager. Details of the roles follow.

To apply please send your cover letter and resume to jobs@openssl.org by 6th January 2022 (extended from 9th December 2021).

The OpenSSL Management Committee are looking to hire a full time Administrator and Manager. Details of the role follow.

To apply please send your cover letter and resume to jobs@openssl.org by 20th September 2020.

We’re planning to extend who we prenotify of any future High and Critical security issues.

We have previously talked about our plans for OpenSSL 3.0 and FIPS support here. This blog post will give an update about what has been happening since then.

At the Face to Face meeting held on the occasion of the ICMC19 Conference in Vancouver, a novelty was introduced: For the last day of the meeting all committers were invited to participate, either personally or remotely via video conference.

As mentioned in a previous blog post, OpenSSL team members met with various representatives of the FIPS sponsor organisations back in September last year to discuss design and planning for the new FIPS module development project.

Since then there has been much design work taking place and we are now able to publish the draft design documentation. You can read about how we see the longer term architecture of OpenSSL changing in the future here and you can read about our specific plans for OpenSSL 3.0 (our next release which will include a FIPS validated module) here.

20 years ago, on the 23rd December 1998, the first version of OpenSSL was released. OpenSSL was not the original name planned for the project but it was changed over just a few hours before the site went live. Let’s take a look at some of the early history of OpenSSL as some of the background has not been documented before.