Cryptography and SSL/TLS Toolkit

Project Roadmap 2016-2017

First issued 7th October 2016
Last modified 7th October 2016

This document is the OpenSSL project roadmap. It is a living document and is expected to change over time. Objectives and dates should be considered aspirational.

Table of Contents:

  1. Objectives
  2. Forthcoming Features


Some of these objectives can be achieved more easily and quickly than others.

TLS 1.3

Interoperable implementation of client and server side of the protocol (Timescale: Next feature release)


Updated cryptographic module (Timescale: future feature release)

Issues Backlog

  1. Manage all newly submitted issues in a timely manner. An initial classification occurs within two weeks. (Timescale: Now)
  2. Reduce over time the existing issues backlog. This may include the mass closure of very old tickets, such as those raised before the release of any currently supported version. (Timescale: Ongoing)

Incomplete/incorrect documentation

  1. All new public API will be documented (Timescale: Now).
  2. Provide improved documentation for all of the public SSL APIs (excluding deprecated APIs) (Timescale: Within one year).

Improved testing

  1. 67% coverage as measured by Coveralls (Timescale: Within one year).
  2. Significantly improved TLS protocol-level testing (Timescale: Next feature release).

Platform Strategy

  1. Classify all the platforms known by Configure according to the platform policy (Timescale: Next feature release)
  2. Publish the build and test status for each platform (Timescale: Next feature release)

Forthcoming Features

The primary focus of the next feature release is TLS 1.3.

We are also evaluating the following new features.

  • New AEAD API
  • SHA3
  • X25519 performance improvements
  • New IETF signature algorithms
  • PKCS#11
  • PRNG replacement
  • ASN.1 encoder/decoder replacement
  • STORE (certificate, crl, key storage API)
  • Replace CAPI with newer API engine