OpenSSL 3.2 Released With Client-Side QUIC, SSL/TLS Security Level 2 Default

Written by Michael Larabel in Free Software on 23 November 2023 at 09:05 AM EST. 14 Comments
FREE SOFTWARE
OpenSSL 3.2 was released this morning as the latest major update to this widely-used cryptography and SSL/TLS project.

OpenSSL 3.2 introduces many new features and improvements for this very important library. Among the OpenSSL 3.2 release highlights are:

- The default SSL/TLS security level has been increased from 1 to 2.

- Support for client-side QUIC. including multi-stream support. QUIC is the general purpose transport layer network protocol that was developed by Google and since adopted by the IETF. With OpenSSL 3.2 is only the client-side QUIC support while for OpenSSL 3.3~3.4 over the next year they aim to further complete this QUIC implementation.

- Support for Ed25519ctx, Ed25519ph and Ed448p.

- Support for deterministic ECDSA signatures.

- Support for TCP Fast Open on Linux, macOS, and FreeBSD where supported.

- Support for TLS certificate compression with Zlib, Brotli, and Zstd.

- On Windows is now support for using the Windows system certificate store as a source of trusted root certificates but is not yet enabled by default.

- Support for SM4-XTS, AES-GCM-SIV, Argon2 KDF, Brainpool curves in TLS 1.3, TLS Raw Public Keys, and various other additions.

OpenSSL logo


Downloads and more details on the OpenSSL 3.2 release can be found via OpenSSL.org.
14 Comments
Related News
Servo Browser Engine Landed More Performance Optimizations In November
GNU Shepherd 1.0 Service Manager Released As "Solid Tool" Alternative To systemd
Llamafile 0.8.17 Brings New Web UI For This Easy-To-Distribute AI LLM Framework
Zrythm 1.0 Released For Powerful Open-Source Digital Audio Workstation
Blender 4.3 Released With AMD HIP-RT Ray-Tracing On Linux, Experimental Vulkan Backend
FreeCAD 1.0 Released With UI/UX Improvements, New Materials System
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week
OpenWrt Affected By Security Issue That Could Have Led To Compromised Build Artifacts
Linus Torvalds Comes Out Against "Completely Broken" x86_64 Feature Levels
Linux EFI Zboot Abandoning "Compression Library Museum", Focusing On Gzip & Zstd
COSMIC Alpha 4 Released For System76's Rust-Based Desktop
Vulkan Video Now Enabled By Default For Radeon VCN2/VCN3 Hardware On Linux
Rustls Multi-Threaded Performance Is Battering OpenSSL
Fedora 42 Aims To Enhance The Windows Subsystem For Linux Experience
KDE Starts December By Landing A Number Of New Features