The OpenSSL Project is pleased to announce that OpenSSL 3.5 Alpha1 pre-release has been released and is adding significant new functionality to the OpenSSL Library.
-- This release incorporates the following potentially significant or incompatible changes:
- Default encryption cipher for the req, cms, and smime applications changed from des-ede3-cbc to aes-256-cbc
- The TLS supported groups list has been changed in favor of PQC support.
- The default TLS keyshares have been changed to offer X25519MLKEM768 and X25519.
This release adds the following new features:
- Support for server side QUIC (RFC 9000)
- Support for 3rd party QUIC stacks
- Support for PQC algorithms (ML-KEM, ML-DSA, SLH-DSA)
- Allow the FIPS provider to optionally use the JITTER seed source. Because this seed source is not part of the OpenSSL FIPS validations, it should only be enabled after the [jitterentropy-library] has been assessed for entropy quality. Moreover, the FIPS provider including this entropy source will need to obtain an [ESV] from the [CMVP] before FIPS compliance can be claimed. Enable this using the configuration option enable-fips-jitter.
- Support for central key generation in CMP
- Support added for opaque symmetric key objects (EVP_SKEY).
- Support for multiple TLS keyshares.
You can download the Alpha release from our download page [1] or from the GitHub release page [2]
You received this message because you are subscribed to the Google Groups "openssl-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to openssl-users+unsubscribe@xxxxxxxxxxx.
To view this discussion visit https://groups.google.com/a/openssl.org/d/msgid/openssl-users/CAODx15dPZRNHwOU1b0XdaCoWo7We7StUp_0UD87F-QQCSVV_Ug%40mail.gmail.com.
