OpenSSL

Cryptography and SSL/TLS Toolkit

Policies

In this section we try to document as many of our policies and procedures as possible. We do this for two reasons:

  • First, we want to to make sure everyone knows how the project is run. For example, when we announce a forthcoming fix for a high-severity bug, the Security Policy explains what that means.
  • Second, it helps us be consistent. For example, the Release Strategy defines the plan of record of when, and how long, various releases will be supported.

Put another way, by being as transparent as possible, we hope to reduce the chance that people are surprised by what we do, and we hope to help maintain predictable behavior within the project.

The Roadmap describes our overall goals and plans for OpenSSL. It is a living document and is expected to change over time. Objectives and dates should be considered aspirational.

If you want to contribute code or fixes to the project, please read the Coding Style page. For legal obligations of contributors, see the page on Contributor Agreements.

The OpenSSL project is managed by the OpenSSL Management Committee (OMC). The OMC works in accordance with the project bylaws which are available here. The OpenSSL project is represented in legal and most official formal capacities by the OpenSSL Software Foundation, a Delaware (US) non-profit corporation. Signing one of our CLA's grants certain rights to OSF. The OSF is operated according to its own by-laws.

We are pleased to mention that we follow the best practices of the Core Infrastructure Initiative.