We are pleased to announce our schedule for the April release of OpenSSL 3.3. In
accordance with our adoption of biannual time-based releases following the
release of OpenSSL 3.2, this will be our first time-based release.
The release schedule is as follows:
- An alpha of OpenSSL 3.3 will be made on 20 March 2024.
- A beta of OpenSSL 3.3 will then be made on 29 March 2024.
-
The expected final release date for OpenSSL 3.3.0 is 10 April 2024.
Backup release dates are 17 April 2024 and 24 April 2024.
Additional alphas and betas are not anticipated.
OpenSSL 3.3 will feature the following new features:
- QUIC qlog diagnostic logging support
- Support for the non-blocking polling of multiple QUIC connection or stream
objects - Support for optimised generation of end-of-stream frames for QUIC connections
- Support for disabling QUIC event processing when making API calls
- Support for configuring QUIC idle timeout durations
- Support for querying the size and utilisation of a QUIC stream’s write buffer
- RCU lock infrastructure for performance enhancements
- Support for RFC 9480 and RFC 9483 extensions to CMP
- Ability to disable OpenSSL usage of
atexit(3)at build time - Year 2038-compatible
SSL_SESSIONAPIs - Ability to automatically derive Chinese Remainder Theorem (CRT) parameters
when requested - Ability to ignore unknown algorithm names in TLS signature algorithm and group
configuration strings - Ability to configure a TLS 1.3 server to prefer PSK-only key exchange during
session resumption
No further features or API changes are planned for 3.3 beyond those listed
above. We will not be accepting any additional features for 3.3; any unmerged
feature PRs will now be considered for 3.4.
The release process of OpenSSL 3.3 will be managed by Neil Horman (@nhorman). Details on
the release schedule can be found on the new OpenSSL Release Schedule board on
GitHub.
The release of the subsequent feature release, OpenSSL 3.4, will occur no later
than 31 October 2024.