OpenSSL 3.5.0 is a feature release adding significant new functionality to
OpenSSL.
This release incorporates the following potentially significant or incompatible
changes:
Default encryption cipher for the req, cms, and smime applications
changed from des-ede3-cbc to aes-256-cbc.
The default TLS supported groups list has been changed to include and
prefer hybrid PQC KEM groups. Some practically unused groups were removed
from the default list.
The default TLS keyshares have been changed to offer X25519MLKEM768 and
and X25519.
All BIO_meth_get_*() functions were deprecated.
This release adds the following new features:
Support for server side QUIC (RFC 9000)
Support for 3rd party QUIC stacks including 0-RTT support
Support for PQC algorithms (ML-KEM, ML-DSA and SLH-DSA)
A new configuration option no-tls-deprecated-ec to disable support for
TLS groups deprecated in RFC8422
A new configuration option enable-fips-jitter to make the FIPS provider
to use the JITTER seed source
Support for central key generation in CMP
Support added for opaque symmetric key objects (EVP_SKEY)
Support for multiple TLS keyshares and improved TLS key establishment group
configurability
API support for pipelining in provided cipher algorithms
Known issues in 3.5.0
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.3