Get the most out of your Centmin Mod LEMP stack
Become a Member

OpenSSL OpenSSL 3.0.0 released

Discussion in 'CentOS, Redhat & Oracle Linux News' started by buik, Sep 8, 2021.

Tags:
  1. buik

    buik "Nobody who ever gave his best regretted it." Premium Member

    1,426
    387
    83
    Apr 29, 2016
    Flanders
    Ratings:
    +1,205
    Local Time:
    6:53 AM
    OpenSSL 3.0.0 released


    For details of the changes, see the release notes at:

    https://www.openssl.org/news/openssl-3.0-notes.html
     
  2. eva2000

    eva2000 Administrator Staff Member

    47,173
    10,667
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,571
    Local Time:
    2:53 PM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    Yup saw the news. Haven't had the time to look at OpenSSL 3.0 since seemed so delayed/long in development and seeing that Nginx HTTP/3 is leaning more towards alternative crypto library using Quiche for both Nginx and Cloudflare implementations. But once I have time Centmin Mod Nginx will eventually support OpenSSL 3.0.
     
  3. buik

    buik "Nobody who ever gave his best regretted it." Premium Member

    1,426
    387
    83
    Apr 29, 2016
    Flanders
    Ratings:
    +1,205
    Local Time:
    6:53 AM
    Yeah.. The main news is actually what's not in OpenSSL 3.0: QUIC support; needed for Nginx - HTTP/3.

    OpenSSL 3.0 was all in on The United States' Federal Information Processing Standards (FIPS). From a technical standpoint.

    A greater contrast is hardly imaginable:
    Strictly to be used in the US, due to requirements and legislation.
    For many users, because outside the US. Useless.
     
  4. buik

    buik "Nobody who ever gave his best regretted it." Premium Member

    1,426
    387
    83
    Apr 29, 2016
    Flanders
    Ratings:
    +1,205
    Local Time:
    6:53 AM
    @eva2000 et al.
    I know responding to your own comment is not done.
    On the other hand, it doesn't matter that OpenSSL 3.0.0 doesn't have QUIC/HTTP/3 support yet. HTTP/3 is not yet an internet standard but a development draft.

    Some current browsers support HTTP/3 draft.
    But this has to be enabled manually to be able to use it.
    Usually only power users do this. If they even want this.

    In addition, HTTP/3 is disabled by default at large clubs such as Cloudflare. HTTP/3 must be enabled for both browser and server. Otherwise it won't work.
     
  5. Pasta

    Pasta New Member

    7
    1
    3
    Aug 3, 2021
    Ratings:
    +3
    Local Time:
    12:53 PM
    Nginx 1.21.x
    MariaDB 10.4
    Not true, newest version of chrome & firefox already enables http3 by default.
     
  6. buik

    buik "Nobody who ever gave his best regretted it." Premium Member

    1,426
    387
    83
    Apr 29, 2016
    Flanders
    Ratings:
    +1,205
    Local Time:
    6:53 AM
    You are absolutely right.
    I was not aware of the HTTP/3 on by default feature.
    I'm Sorry. I should have known better and should consult the up-to-date source before posting.

    I relied on Cloudflare's HTTP/3 page which I visited a while back.
    Cloudflare updated its page a week ago and the source 9 days ago.

    https://developers.cloudflare.com/http3/chrome

    https://github.com/cloudflare/cloud...7dcb650b254124b1e123c051f51b34e295c821acec05b

    https://developers.cloudflare.com/http3/firefox

    https://github.com/cloudflare/cloudflare-docs/commit/1e331ee575779516555dcbb073fd101cb58807ac