OpenSSL version 0.9.7 released

  OpenSSL - The Open Source toolkit for SSL/TLS

  The OpenSSL project team is pleased to announce the release of
  version 0.9.7 of our open source toolkit for SSL/TLS.  This new
  OpenSSL version is a major release and incorporates at least 262
  changes and bugfixes to the toolkit (for a complete list see

  The most significant changes are:

      o New library section OCSP.
      o Complete rewrite of ASN1 code.
      o CRL checking in verify code and openssl utility.
      o Extension copying in 'ca' utility.
      o Flexible display options in 'ca' utility.
      o Provisional support for international characters with UTF8.
      o Support for external crypto devices ('engine') is no longer
        a separate distribution.
      o New elliptic curve library section.
      o New AES (Rijndael) library section.
      o Support for new platforms: Windows CE, Tandem OSS, A/UX, AIX 64-bit,
        Linux x86_64, Linux 64-bit on Sparc v9
      o Extended support for some platforms: VxWorks
      o Enhanced support for shared libraries.
      o Now only builds PIC code when shared library support is requested.
      o Support for pkg-config.
      o Lots of new manuals.
      o Makes symbolic links to or copies of manuals to cover all described
      o Change DES API to clean up the namespace (some applications link also
        against libdes providing similar functions having the same name).
        Provide macros for backward compatibility (will be removed in the
      o Unify handling of cryptographic algorithms (software and engine)
        to be available via EVP routines for asymmetric and symmetric ciphers.
      o NCONF: new configuration handling routines.
      o Change API to use more 'const' modifiers to improve error checking
        and help optimizers.
      o Finally remove references to RSAref.
      o Reworked parts of the BIGNUM code.
      o Support for new engines: Broadcom ubsec, Accelerated Encryption
        Processing, IBM 4758.
      o A few new engines added in the demos area.
      o Extended and corrected OID (object identifier) table.
      o PRNG: query at more locations for a random device, automatic query for
        EGD style random sources at several locations.
      o SSL/TLS: allow optional cipher choice according to server's preference.
      o SSL/TLS: allow server to explicitly set new session ids.
      o SSL/TLS: support Kerberos cipher suites (RFC2712).
        Only supports MIT Kerberos for now.
      o SSL/TLS: allow more precise control of renegotiations and sessions.
      o SSL/TLS: add callback to retrieve SSL/TLS messages.
      o SSL/TLS: support AES cipher suites (RFC3268).

  We consider OpenSSL 0.9.7 to be the best version of OpenSSL available
  and we strongly recommend that users of older versions upgrade as
  soon as possible.  OpenSSL 0.9.7 is available for download via HTTP
  and FTP from the following master locations (you can find the various
  FTP mirrors under http://www.openssl.org/source/mirror.html):

    o http://www.openssl.org/source/
    o ftp://ftp.openssl.org/source/

  OpenSSL 0.9.6 (all patch levels) came in the form of two distributions,
  a "normal" one and an "engine" variant that included support for external
  crypto devices.  In 0.9.7, the "engine" framework is part of the "normal"
  distribution, so there are no variants of 0.9.7.

  The distribution file name is:

      o openssl-0.9.7.tar.gz [normal]
        MD5 checksum: ef376d14205afcfb831cd3720f705d79

  The checksum was calculated using the following command:

    openssl md5 < openssl-0.9.7.tar.gz

  The OpenSSL Project Team...  

    Mark J. Cox             Ben Laurie          Andy Polyakov
    Ralf S. Engelschall     Richard Levitte     Geoff Thorpe
    Dr. Stephen Henson      Bodo Möller
    Lutz Jänicke            Ulf Möller

Version: 2.6.3ia
Charset: noconv

OpenSSL Project                                 http://www.openssl.org
Announcement Mailing List                 [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to