A presentation by @mold at #OpenSSL and @openalt crossover in #Brno.

@rsalz @romen Indeed, a good suggestion. Thank you. I’ll ensure we improve how candidate information is shared moving forward.

@romen @rsalz The list of candidates and their statements are publicly visible in each thread where the election is held. Anyone can review the nominations and associated details.

I.e.:
https://openssl-communities.org/d/bYGiRcQK/-committers-election-for-the-openssl-corporation-tac

The OpenSSL Foundation and the OpenSSL Corporation are establishing Technical Advisory Committees (TACs) to provide expert guidance on the project’s long-term technical direction. These committees will represent a broad spectrum of contributors and stakeholders, including:
- 🧑‍🏫 Academic institutions
- 🧑‍💻 Core committers
- 📦 Distribution maintainers
- 🧍 Independent contributors
- 🏢 Large-scale enterprises
- 🏪 Small and medium-sized businesses
This initiative offers a structured pathway to shape the evolution of one of the most widely deployed cryptographic libraries in the world.

Why Participate?
- 🛠️ Contribute to OpenSSL’s development roadmap and security architecture
- 🔐 Advise on cryptographic standards, emerging technologies, and implementation best practices
- 🗣️ Advocate for the needs and perspectives of their respective communities in technical governance discussions

Nomination Details:
- 🗓️ Deadline: Sunday, April 27, 2025
- ✅ Eligibility: Open to All
- 📨 How to Nominate: https://openssl.to/communities-tac-how-to-nominate

Whether nominating yourself or a peer, your technical insight and participation are important to the future of secure, open-source cryptography.

What is TAC?: https://openssl.to/communities-tac-what-is

#openssl #governance

Version 5.20 of the open source encryption protocol AmiSSL has been released for AmigaOS 3 and 4, which is now based on the latest version 3.5.0 (8.4.2025) of OpenSSL.

https://www.amiga-news.de/en/news/AN-2025-04-00056-EN.html

#Amiga #ssl #openssl #AmiSSL

OpenSSL 3.5.0 released

https://lwn.net/Articles/1016851/ #LWN

@ahf We intend to ship #OpenSSL 3.5 in #Debian. It's currently in experimental, and CI tests look good.

OpenSSL is advancing into the quantum era with the upcoming release of OpenSSL 3.5, integrating post-quantum cryptographic algorithms such as ML-KEM (FIPS 203), ML-DSA (FIPS 204), and SLH-DSA (FIPS 205). This development ensures enhanced security against emerging quantum computing threats. For an in-depth analysis, refer to the article by Prof Bill Buchanan OBE FRSE: https://medium.com/asecuritysite-when-bob-met-alice/no-excuses-openssl-enters-the-quantum-age-ad29af287273

#openssl #pqc

Trying out the Post-Quantum TLS feature (called ML-KEM) in #OpenSSL 3.5-beta1 and #Tor was a success! 🥳

The experiment is using the same setup as we did with #BoringSSL back when they enabled the Kyber768/x25519 TLS 1.3 group: we use a Tor binary, compiled against a PQC-enabled lib(ssl|crypto), to run a Bridge Server locally and connect a local Bridge Client to the server.

The branch used for this experiment is available from https://gitlab.torproject.org/ahf/tor/-/commits/ahf/openssl-3.5-pqc-experiments

Lo and behold, #OpenSSL 3.5 (their upcoming LTS release) will come out here at the beginning of April, and it does indeed support some of these hybrid PQC schemes. Their recent beta2 announcement can be read here: https://openssl-library.org/post/2025-03-25-openssl-3.5-beta/ and their roadmap is at https://openssl-library.org/roadmap/index.html

Very excited by this work. Big kudos to the OpenSSL Team here! 🥳🎉 Already planning on giving this a spin with the C implementation of #Tor later this week to see how it goes!

#foss #cryptography #pqc

Remember the old days with key signing parties? I never really got into that but I think with all the "AI" bots we are going to get to a place where we need to have trust networks built on cryptographic keys to filter out the crap.

Note to self: Set up public key and share it.

#OpenPGP #OpenSSL

#OpenSSL 📢 -- OpenSSL Corporation Board of Directors Election Results

🔗 https://openssl-corporation.org/post/2025-03-03-blog-bod-election-announcement/?utm_source=atom_feed

From #OpenSSL -- Blog on OpenSSL Corporation

OpenSSL Corporation’s First Annual Report is live!

- $5.5M revenue, 88% renewal rate
- 3,922 commits, 1,404 issues closed
- New advisory committees (BAC & TAC)
- FIPS 140-3 partnership with Lightship Security
- Announcing OpenSSL Conference 2025 in Prague!

Check it out 👉 https://openssl-corporation.org/post/2025-02-14-annual-report24/

Thank you to our team, contributors, and community!

#OpenSSL #FOSS #AnnualReport

OpenSSL Technical Advisory Committees (TAC) Election Update – Poll Results Are In!

We recently asked the OpenSSL communities whether the upcoming TAC elections should use an open or secret ballot. https://openssl-communities.org/d/dNEA402w/seeking-community-input-open-or-secret-ballot-for-tac-elections-
The results:
- Open Ballot – 49%
- Secret Ballot – 34%
- No Preference – 17%

With a plurality favoring an open ballot, we will proceed with a publicly visible voting process where individual votes will be recorded and accessible.

Election Timeline:
- March 17 – April 13: Nominations & Candidate Vetting
- April 14 – 27: Voting (Open Ballot)
- April 28: Results Announcement

Thank you to everyone who participated! Your input continues to shape OpenSSL governance.

#OpenSSL #Governance #TAC #Elections

#OpenSSL 📢 -- OpenSSL 3.5 Feature Branch Merge – Go/No-Go Decisions

🔗 https://openssl-library.org/post/2025-02-12-openssl-3.5-go-nogo/?utm_source=atom_feed

From #OpenSSL -- Blog on OpenSSL Library

OpenSSL Corporation is running a poll right now on how we should conduct elections for the Technical Advisory Committee (TAC). https://openssl-communities.org/d/dNEA402w/seeking-community-input-open-or-secret-ballot-for-tac-elections

The question is simple: should we use an Open Ballot or a Secret Ballot? But the implications go much deeper.

As of now, the results are split:
- 40.9% support a secret ballot,
- 36.4% favor an open ballot,
- and 22.7% don’t have a preference.

This trend is a bit concerning. Seeing a significant portion leaning towards secrecy - or remaining indifferent - raises questions about how we view openness, accountability, and trust in our own community.

In OpenSSL, we stand for transparency, collaboration, and security through open processes. These principles don’t just shape our code - they define how we work as a community. If we believe in openness in our software, why shy away from openness in governance?

Of course, secret ballots have their historical justifications - protecting voters from coercion, manipulation, or undue influence. But is that concern still relevant in a technical advisory election within a trusted open-source project? Or are we defaulting to secrecy out of habit, rather than principle?

An open ballot fosters accountability - it encourages thoughtful, public-spirited decisions rather than votes made in isolation. It aligns with deliberative democracy, where choices are discussed, defended, and understood, not just made in the dark.

I came across a great article discussing the debate between secret and open voting, and it offers some fascinating insights into the trade-offs. If you’re on the fence or leaning towards secrecy, I’d encourage you to read it.

📖 Here’s the article: https://www.researchgate.net/publication/262855066_Against_the_secret_ballot_Toward_a_new_proposal_for_open_voting

What do you think? Should openness extend beyond code and into how we elect our representatives?

Haha… one can only wish it to be true…

- Are you part of the academic community? 📚
- Want to influence the future of OpenSSL? 💡

Join the conversation and share your insights on roadmap and feature priorities for this critical project. Let your voice be heard!

👉 Participate here: https://openssl-communities.org/d/sdFYx47G/soliciting-feedback-for-advice-related-to-roadmap-and-feature-prioritization-for-the-openssl-library

#OpenSSL #OpenSource #AcademicChatter

#OpenSSL 📢 -- OpenSSL Foundation publishes first ever annual report

🔗 https://openssl-library.org/post/2024-12-23-foundation-annual-report/?utm_source=atom_feed

From #OpenSSL -- Blog on OpenSSL Library

#OpenSSL 📢 -- Business Advisory Committees Elections Are Now Open - Vote for Your Community Representative

🔗 https://openssl-library.org/post/2024-12-05-bac-election/?utm_source=atom_feed

From #OpenSSL -- Blog on OpenSSL Library