We would like to thank our sponsors Private Internet Access and DuckDuckGo for helping to fund this security review, as well as all of our donors and individual supporters. This crucial work doesn't happen without support from the community.
The quick and dirty:
OpenSSL version 1.1.1 was evaluated with special foci on new TLS 1.3 features
OSTIF is Partnering with the Internet Bug Bounty and HackerOne for Bug Bounties!
The Open Source Technology Improvement Fund will be partnering with the Internet Bug Bounty and HackerOne in a partnership that will get our supported projects listed on HackerOne with no overhead costs!
HackerOne is the de-facto site for bug hunters around the world,
We have completed the security review of the new Pseudorandom Number Generator (PRNG) for OpenSSL 1.1.1.
This security review was sponsored by Private Internet Access, ExpressVPN, DuckDuckGo, OpenVPN, and the privacy community.
Random number generation is a crucial component in all cryptography, because the randomness of numbers is the mechanism that makes secret numbers hard to
UPDATE: We are now 81% funded! Keep spreading the word!
Matched donations by DuckDuckGo on Crowdrise here: https://www.crowdrise.com/o/en/campaign/ostif1/ostif
Ways to contribute for FREE: https://ostif.org/how-to-contribute-to-ostif-for-free/
Donate using a huge number of options here: https://ostif.org/donate
What are we working on?
OpenSSL powers everything. 70% of the top million websites use OpenSSL to provide encryption services to their visitors and to encrypt user information.
Double Your Donations With CrowdRise
Today, we begin our second round of funding in partnership with DuckDuckGo, who will be matching Crowdrise donations for the next four weeks!
You can view the Crowdrise campaign and donate here to have your donation matched (doubled): https://www.crowdrise.com/o/en/campaign/ostif1/
OpenSSL 1.1.1 Project Changes
We have made changes to the proposed OpenSSL project to
Welcome to Private Internet Access for Becoming our First Platinum Sponsor!
We are welcoming Private Internet Access to the OSTIF family, as they have became our first platinum sponsors. Their commitment to free and open software has been tremendous, first funding two OpenVPN code review projects and now the OpenSSL 1.1.1 project and OSTIF as