OpenSSL 3.5 Alpha 1 Released With Server-Side QUIC
([Programming] 3 Hours Ago
OpenSSL 3.5)
- Reference: 0001533442
- News link: https://www.phoronix.com/news/OpenSSL-3.5-Alpha-1
- Source link:
OpenSSL 3.5 Alpha 1 is out today as the first development milestone on the path to releasing OpenSSL 3.5.0 in April.
Some default changes coming with OpenSSL 3.5 include changing the default encryption cipher for the req / cms / smime applications from DES-EDE3-CBC to AES-256-CBC. The TLS supported groups list has also been updated in favor of PQC support and the default TLS keyshares has been changed to offer X25519MLKEM768 and and X25519.
One notable new feature with OpenSSL 3.5 is adding support for server-side QUIC with RFC-9000. RFC-9000 outlines QUIC for UDP-based multiplexed and secure transport. OpenSSL 3.5 is also introducing support for third-party QUIC stacks.
OpenSSL 3.5 Alpha 1 also bears ML-KEM, ML-DSA, SLH-DSA PQC algorithms. There is also support for multiple TLS keyshares and support added for opaque symmetric key objects (EVP_SKEY).
OpenSSL 3.5 Alpha 1 details and more information on this development release via [1]GitHub . The current [2]3.5 plans puts the OpenSSL 3.5 Beta release coming around 25 March and then the official OpenSSL 3.5 release by early to mid April depending upon if any slips are needed. OpenSSL 3.5 is also intended to be the project's next long-term stable (LTS) release supported through April 2030.
[1] https://github.com/openssl/openssl/releases/tag/openssl-3.5.0-alpha1
[2] https://openssl-library.org/post/2025-02-04-release-announcement-3.5/
Some default changes coming with OpenSSL 3.5 include changing the default encryption cipher for the req / cms / smime applications from DES-EDE3-CBC to AES-256-CBC. The TLS supported groups list has also been updated in favor of PQC support and the default TLS keyshares has been changed to offer X25519MLKEM768 and and X25519.
One notable new feature with OpenSSL 3.5 is adding support for server-side QUIC with RFC-9000. RFC-9000 outlines QUIC for UDP-based multiplexed and secure transport. OpenSSL 3.5 is also introducing support for third-party QUIC stacks.
OpenSSL 3.5 Alpha 1 also bears ML-KEM, ML-DSA, SLH-DSA PQC algorithms. There is also support for multiple TLS keyshares and support added for opaque symmetric key objects (EVP_SKEY).
OpenSSL 3.5 Alpha 1 details and more information on this development release via [1]GitHub . The current [2]3.5 plans puts the OpenSSL 3.5 Beta release coming around 25 March and then the official OpenSSL 3.5 release by early to mid April depending upon if any slips are needed. OpenSSL 3.5 is also intended to be the project's next long-term stable (LTS) release supported through April 2030.
[1] https://github.com/openssl/openssl/releases/tag/openssl-3.5.0-alpha1
[2] https://openssl-library.org/post/2025-02-04-release-announcement-3.5/
Danny3