After 3 years of development work, 17 alpha releases, 2 beta releases, over
7,500 commits and contributions from over 350 different authors we have finally
released OpenSSL 3.0! In addition to this there has been a large number of
contributions from our users who have been actively working with the pre-release
versions to test it, make sure it works in the real world and with a large array
of different applications and reporting their results. I am also delighted to
note that there has been a 94% increase in the amount of documentation that we
have since OpenSSL 1.1.1 and an (adjusted) increase in the “lines of code” in
our tests of 54%. There has never been a better demonstration of what an active
and enthusiastic community we have than when you look at the statistics for the
OpenSSL 3.0 development work. Thanks to everyone who has taken part - no matter
how small that part was.
The OpenSSL Management Committee (OMC) and the OpenSSL Technical Committee
(OTC) are glad to announce our first beta release of OpenSSL 3.0. We consider
this to be a release candidate and as such encourage all OpenSSL users to build
and test against this beta release and provide feedback.
QUIC is a new protocol which the IETF talks about as
A UDP-Based Multiplexed and Secure Transport,
and has attracted a lot of attention lately. The OpenSSL Management
Committee (OMC) have followed the development with interest, and we feel that we
owe it to the community to say where we stand on this, and on the inclusion of
support for this protocol in our libraries.
We have previously talked about our plans for OpenSSL 3.0 and FIPS support
here. This blog
post will give an update about what has been happening since then.