The fifth beta release of OpenSSL 0.9.7 is now available from the OpenSSL FTP site <URL: ftp://ftp.openssl.org/source/>. This beta contains quite a number of fixes since beta 4. This is NOT a final beta, even if that was the original plan. The updated plan has beta 6 as final beta. It is scheduled for release on Thursday 2002-12-12. The final release of OpenSSL 0.9.7 has been rescheduled for Tuesday 2002-12-17. To make sure that it will work correctly, please test beta 5 thoroughly, for example with your favorite piece of software, and please report back to us! Also, please test on as many platforms as you have available and you have time for, especially on less common platforms. If you're interested in helping further, please join the openssl-dev@openssl.org list, where test requests on specific development snapshots will be announced. Changes between 0.9.7 beta 4 and 0.9.7 beta 5 include: o Bug fixes. o Only supports MIT Kerberos for now, Heimdal support is disabled. o Support for new platforms: Linux x86_64. The full set of changes between 0.9.6{x} and 0.9.7 beta 5 include: o New library section OCSP. o Complete rewrite of ASN1 code. o CRL checking in verify code and openssl utility. o Extension copying in 'ca' utility. o Flexible display options in 'ca' utility. o Provisional support for international characters with UTF8. o Support for external crypto devices ('engine') is no longer a separate distribution. o New elliptic curve library section. o New AES (Rijndael) library section. o Support for new platforms: Windows CE, Tandem OSS, A/UX, AIX 64-bit, Linux x86_64 o Extended support for some platforms: VxWorks o Enhanced support for shared libraries. o Support for pkg-config. o Lots of new manuals. o Change DES API to clean up the namespace (some applications link also against libdes providing similar functions having the same name). Provide macros for backward compatibility (will be removed in the future). o Unify handling of cryptographic algorithms (software and engine) to be available via EVP routines for asymmetric and symmetric ciphers. o NCONF: new configuration handling routines. o Change API to use more 'const' modifiers to improve error checking and help optimizers. o Finally remove references to RSAref. o Reworked parts of the BIGNUM code. o Support for new engines: Broadcom ubsec, Accelerated Encryption Processing, IBM 4758. o A few new engines added in the demos area. o Extended and corrected OID (object identifier) table. o PRNG: query at more locations for a random device, automatic query for EGD style random sources at several locations. o SSL/TLS: allow optional cipher choice according to server's preference. o SSL/TLS: allow server to explicitly set new session ids. o SSL/TLS: support Kerberos cipher suites (RFC2712). Only supports MIT Kerberos for now. o SSL/TLS: allow more precise control of renegotiations and sessions. o SSL/TLS: add callback to retrieve SSL/TLS messages. o SSL/TLS: support AES cipher suites (RFC3268). The distribution file name is: o openssl-0.9.7-beta5.tar.gz MD5 checksum: 2d8dcddb3b545d9354178d41f8bb01bd The checksum was calculated using the following commands: openssl md5 < openssl-0.9.7-beta5.tar.gz --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com