OpenSSL 1.0.0 arrives
After a beta phase lasting exactly a year, the final version of OpenSSL 1.0.0 is here. The source code is now available to download and the list of changes from the previous version 0.9.8(n) is extensive. Version 1.0.0 includes several new features and enhancements, including support for the Whirlpool free hash algorithm, an alternative to the MD5 and SHA-1 algorithms, which have been under scrutiny due to the existence of simplified collision attacks.
Support for elliptic curve-based public key cryptography has also been extended, PKCS#8 is now the standard format for storing private keys and it is no longer necessary to specify whether a registered algorithm is a cipher or a digest on the command line – entering openssl sha256 blafasel.txt (for example) is sufficient.
The development team has also incorporated GOST, the Russian cryptographic standard, into OpenSSL. Querying of blocked certificates via certificate revocation lists (CRLs) and the online certificate status protocol (OCSP) has been enhanced. A complete overview of all changes and new functions can be found in the change log. The downloadable version (direct download text file) of the log even includes forthcoming changes for version 1.1.0. The developers are strongly advising users to update to version 1.0.0.
- OpenSSL version 1.0.0 released, mailing list announcement.
- OpenSSL 1.0.0 beta1 published, a report from The H.