Heightened Security: OpenSSL 1.0.0 Beta 1

Apr 02, 2009

OpenSSL is approaching version 1.0: the first beta provides a few enhancements and the project is calling for tests.

No April Fool's joke, the first beta version of OpenSSL has been released. The toolkit has been around under Linux for years, although the project so far has been very conservative in its versioning. OpenSSL developers are now asking the community to test the 1.0.0 first beta and send patches and bugs to openssl-bugs@openssl.org.

Per changelog, numerous changes occurred in the libraries since version 0.9.8. Digest and cipher names no longer require the dgst and cipher keywords on the command line. The hash format for certificate directory links was improved and now uses the SHA1 instead of MD5 algorithm. Changes sponsored by Google are showing up related to certificate revocation lists (CRLs). The changelog accompanies the source code and has further details.

OpenSSL is a free implementation of Secure Sockets Layer (SSL) v2/v3 and Transport Layer Security (TLS) v1, further based on the SSLeay library developed by Eric A. Young and Tim J. Hudson. It generates and manages certificates and creates keys. Sources for OpenSSL are available on the project's download page.

Related content

  • OpenSSL with Bash

    Cryptography is an important part of IT security, and OpenSSL is a well-known cryptography toolkit for Linux. Experts depend on OpenSSL because it is free, it has huge capabilities, and it’s easy to use in Bash scripts.

  • Vulnerabilities in OpenSSL

    Three security issues have been identified in the Open Source implementation of the SSL/TLS protocol, OpenSSL. The vulnerabilities allow targeted attacks.

  • Security Lessons: Cryptographic Agility

    When dangerous security flaws are discovered, being able to switch to alternative software can be crucial.

  • OpenSSL 1.0.0 Released

    Version 1.0.0 of the free implementation of SSL and TLS protocols, OpenSSL, is now available in a major release.

  • Update: US-CERT Records Internet Explorer Security Advisory

    An unpatched security hole in Microsoft's Internet Explorer (IE) browser has triggered an advisory that is now recorded with the U.S. Computer Emergency Readiness Team (US-CERT).

comments powered by Disqus

Issue 174/2015

Buy this issue as a PDF

Digital Issue: Price $9.99
(incl. VAT)

News

njobs Europe
What:
Where:
Country:
Njobs Netherlands Njobs Deutschland Njobs United Kingdom Njobs Italia Njobs France Njobs Espana Njobs Poland
Njobs Austria Njobs Denmark Njobs Belgium Njobs Czech Republic Njobs Mexico Njobs India Njobs Colombia