The anticipated future arrival of cryptographically relevant quantum computers (CRQCs),
that could undermine the algorithms that underlie the currently most widely used public key algorithms (ECDHE, ECDSA, DH and RSA),
has led to the development and recent standardisation of new “post-quantum” (PQ) algorithms, that are believed to not be vulnerable to CRQC attack.
Two of the first algorithms standardized are ML-KEM (for key agreement) and ML-DSA (for digital signatures).
These algorithms are standardized by NIST in FIPS 203 and FIPS 204. These define the algorithm parameters and how to correctly
perform the necessary mathematical operations, but do not define such details as data formats for public and private keys.
Those details were left to other standards organisations, such as the IETF.
Upon certification of the election results by the Election Committee, the OpenSSL Foundation and the OpenSSL Corporation are pleased to announce the official results of the Business Advisory Committee (BAC) elections. After a thorough nomination and voting process, the OpenSSL community has selected a group of distinguished individuals to provide guidance and advice to OpenSSL.
Newly Elected Members
The following candidates have been elected to serve on the Business Advisory Committee:
Thank you to everyone who registered, as well as those who took the extra step to nominate candidates, for the Business Advisory Committees of the OpenSSL Foundation and OpenSSL Corporation. We are now at the final step - voting - which is essential to complete the process.
Start Date: December 5, 2024 Deadline for Voting: December 15, 2024 11:59pm Pacific Time (US/ Canada)
Election Committee
The Election Committee is composed of the directors of the OpenSSL Foundation and the OpenSSL Corporation. This marks the first inaugural Election Committee, tasked with overseeing and managing the election processes across various communities. The committee is dedicated to ensuring that voting is conducted fairly, transparently, and in alignment with the established rules and procedures.
Thank you to everyone who attended our Q&A sessions about the formation of Business Advisory Committees. We received valuable input from our communities, including requests to allow more time for nominations.
We have heard you, and we would like to announce that:
The nomination period has been extended until Wednesday, December 4, 2024.
The election period starts on Thursday, December 5, 2024 and ends on Sunday, December 15, 2024. You can change your vote up to the end of the election period.
This extension provides additional time to ensure everyone has the opportunity to nominate the individuals who can best represent the community’ s view and needs.
The OpenSSL Foundation and the OpenSSL Corporation are pleased to announce the successful conclusion of the inaugural meeting with Bouncy Castle and cryptlib, two newly integrated projects under the OpenSSL Mission. This meeting represents a pivotal step in the evolution of OpenSSL’s governance structure, as outlined in the recent organizational changes, and reflects a deepened commitment to advancing privacy and security.
Bouncy Castle and cryptlib reaffirmed their alignment with the OpenSSL Mission and Values. The discussions focused on their involvement with OpenSSL Projects, and the specifics of how they will leverage the OpenSSL Foundation and the OpenSSL Corporation for their particular needs, such as shared engineering resources or access to performance test infrastructure.
Thank you to everyone who registered, as well as to those who took the extra step to nominate candidates, for the Business Advisory Committees of the OpenSSL Foundation and OpenSSL Corporation.
We invite you to attend our Q&A session, designed to address your questions. We encourage you to join the session and gain valuable insights about the nomination and election process, the role of the Business Advisory Committee, and how you can participate in shaping OpenSSL’s future.
Are you looking to deepen your understanding of X.509 keys and certificates or sharpen your command-line skills?
Join us for a comprehensive webinar on X.509 certificate management led by Viktor Dukhovni, an OpenSSL Software Engineer. This session covers essential concepts and hands-on techniques using OpenSSL’s command-line tools.
The OpenSSL Foundation (primarily focused on non-commercial communities) and the OpenSSL Corporation (primarily focused on commercial communities) are pleased to announce the formation of Business Advisory Committees (BAC), inviting our communities - Distributions, Committers, Small Businesses, Large Businesses, Individuals, and Academics - to actively engage in shaping the future of OpenSSL. These advisory bodies are critical in enhancing our governance structure, ensuring that the decisions reflect the diverse stakeholders involved and that our Mission and Values stay aligned with the community’s needs.
The final release of OpenSSL 3.4 is now live. We would like to thank all those who contributed to the OpenSSL 3.4 release, without whom OpenSSL would not be possible.
OpenSSL delivers the following significant new features:
Support for Integrity only cipher suites (RFC 9150)
JITTER RNG support via statically linked jitterentropy library
RFC 5755 Attribute Certificate support
FIPS indicators in support of FIPS 140-3 validation
Improved Base64 BIO input handling and error reporting
XOF Digest size reporting improvements
Windows Registry key-based directory lookup
Support for several X509v3 extensions
Support for position independent executables in the openssl app to support address space layout randomization
Please see the CHANGES.md file in the release for a full list of changes since OpenSSL 3.3