OpenSSL 4.0 Alpha 1 is now available for testing. Key additions include TLS Encrypted Client Hello (ECH, RFC 9849), which encrypts the initial TLS handshake to hide Server Name Indication and prevent hostname leakage — replacing the older ESNI standard. Other new features include RFC 8998 signature algorithm support, cSHAKE functions, ML-DSA-MU digest algorithm, and SNMP KDF and SRTP KDF support. The release also removes a significant amount of legacy code.
Sort: