OpenSSL 3.2.0 officially GA

News 2023-11-24 17:06:33 views: null

The OpenSSL development team announced that the first version of the OpenSSL 3.2 series - OpenSSL 3.2.0 is officially GA.

OpenSSL 3.2 implements the first version of the client for QUIC, a universal transport layer network protocol developed by Google and later adopted by the IETF. For OpenSSL 3.3 and next year's OpenSSL 3.4, they aim to further complete this implementation.

In addition, support for Brainpool curve in TLS 1.3, original public key (RFC7250) support, support for certificate compression using Brotli and Zstd, SM4-XTS support, deterministic ECDSA signature, AES-GCM-SIV, hybrid public key encryption (HPKE)), and other features.

OpenSSL 3.2 also changes the default SSL/TLS security level from 1 to 2.

OpenSSL 3.2.0 major changes

  1. Client-side QUIC support, including support for multiple streams (RFC 9000)
  2. Support for certificate compression (RFC 8879) in TLS, including support for zlib, zstd and Brotli
  3. Deterministic ECDSA(RFC 6979)
  4. In addition to existing support for Ed25519 and Ed448, Ed25519ctx, Ed25519ph and Ed448ph (RFC 8032) are also supported
  5. AES-GCM-SIV(RFC 8452)
  6. Argon2 (RFC 9106) and support for thread pool functionality
  7. HPKE(RFC 9180)
  8. Ability to use raw public keys in TLS (RFC 7250)
  9. Supports TCP Fast Open (RFC 7413) if the operating system allows it
  10. Support for provider-based pluggable signature schemes in TLS, enabling third-party post-quantum and other algorithm providers to use these algorithms in TLS
  11. Support for Brainpool curves in TLS 1.3
  12. SM4-XTS
  13. Support for using the Windows system certificate store as a source of trusted root certificates. This feature is not enabled by default and needs to be activated using an environment variable. It is expected that this will become enabled by default in a future feature release

See  the NEWS file and  CHANGES file for details .

Users interested in new QUIC features are recommended to read QUIC's README file , which provides links to relevant documentation and sample code.

OpenSSL 3.3 will be the next functional update after OpenSSL 3.2 and will be released no later than April 30, 2024. This release is expected to include QUIC server support.

Guess you like

Origin www.oschina.net/news/267915/openssl-3-2-0-final
Recommended
Ranking
Linux关机和重启详解(shutdown、halt、poweroff、reboot、init)
Netty work notes 0007---NIO's three core component relationships
Knife4j tutorial
2021.10.29,内容:什么时候用接口和抽象类
How to solve the problem that changing the memory frequency causes the computer to become unusable?
SpringMVC Tutorial - Controller
linux learning skills -Linux 25 transport Vega paid special privileges and facl extension
Financial quarterly report evaluation report data automatic generation 1.0
Agile Development Series - The Values of Agile Development
scrapy achieve browsercookie Middleware
Daily
More
2024-05-19(0)
2024-05-18(31)
2024-05-17(6)
2024-05-16(23)
2024-05-15(5)
2024-05-14(9)
2024-05-13(8)
2024-05-12(28)
2024-05-11(32)
2024-05-10(34)

Code World

© 2018 codetd.com