News: 0001533442

  ARM Give a man a fire and he's warm for a day, but set fire to him and he's warm for the rest of his life (Terry Pratchett, Jingo)

OpenSSL 3.5 Alpha 1 Released With Server-Side QUIC

([Programming] 3 Hours Ago OpenSSL 3.5)


OpenSSL 3.5 Alpha 1 is out today as the first development milestone on the path to releasing OpenSSL 3.5.0 in April.

Some default changes coming with OpenSSL 3.5 include changing the default encryption cipher for the req / cms / smime applications from DES-EDE3-CBC to AES-256-CBC. The TLS supported groups list has also been updated in favor of PQC support and the default TLS keyshares has been changed to offer X25519MLKEM768 and and X25519.

One notable new feature with OpenSSL 3.5 is adding support for server-side QUIC with RFC-9000. RFC-9000 outlines QUIC for UDP-based multiplexed and secure transport. OpenSSL 3.5 is also introducing support for third-party QUIC stacks.

OpenSSL 3.5 Alpha 1 also bears ML-KEM, ML-DSA, SLH-DSA PQC algorithms. There is also support for multiple TLS keyshares and support added for opaque symmetric key objects (EVP_SKEY).

OpenSSL 3.5 Alpha 1 details and more information on this development release via [1]GitHub . The current [2]3.5 plans puts the OpenSSL 3.5 Beta release coming around 25 March and then the official OpenSSL 3.5 release by early to mid April depending upon if any slips are needed. OpenSSL 3.5 is also intended to be the project's next long-term stable (LTS) release supported through April 2030.



[1] https://github.com/openssl/openssl/releases/tag/openssl-3.5.0-alpha1

[2] https://openssl-library.org/post/2025-02-04-release-announcement-3.5/



Danny3

samueloph

hardfalcon

Arthur's Laws of Love:
(1) People to whom you are attracted invariably think you
remind them of someone else.
(2) The love letter you finally got the courage to send will be
delayed in the mail long enough for you to make a fool of
yourself in person.