After eight months of development, the release of the library opensl 3.2.0 was announced by the OpenSSL team. This latest version includes the implementation of the SSL/TLS protocols and various encryption algorithms. The OpenSSL 3.2 support is set to last until November 23, 2025. Support for previous branches, OpenSSL 3.1 and 3.0 LTS, will continue until March 2025 and September 2026, respectively. It is important to note that the support for the branch 1.1.1 was discontinued in September of this year. The project code is available on GitHub under the Apache 2.0 license.
The main innovations introduced in Opensl 3.2.0 are:
- The client support for the QUIC protocol (RFC 9000), which is used as a transport in the HTTP/3 protocol. This implementation enables the transfer of multiple flows through a single communication channel. The components for the use of QUIC on servers will be included in the Opensl 3.3 issue, planned to be published no later than April 30, 2024. QUIC is a protocol developed by Google as an alternative to TCP+TLS for the Web. It aims to address issues related to TCP connection establishment and coordination, as well as packet loss delays during data transfer.
- TLS now supports an extension for compressing certificates during the connection establishment stage (RFC 8879). This allows for reducing the traffic generated by certificate transfer during the connection coordination phase. The compression is achieved using libraries such as zlib, ZSTD, and Brotli.
- Support for the deterministic version of digital signatures ECDSA, known as Deterministic Ecdsa (RFC 6979
/Reports, release notes, official announcements.