What This Is

This is a fork of the OpenSSL library. It started as a project to only enable QUIC, but as time went on, we believe OpenSSL strayed further from what their bulk of their community wants. As such, this has evolved into a a full-fledged fork of OpenSSL. We are already closely collaborating with the other two major forks, BoringSSL and Libre, and our longer-range plan is to turn this over into a viable Apache Software Foundation project.

This project enables QUIC, it does not implement it. The API's were first developed by Google and are now in widespread use, including Microsoft's MsQuic, Google's Chromium QUIC, and others.

You can find a more minimal set of patches -- just providing the QUIC API -- at our OpenSSL repository. That covers their 1.1 release and the 3.0 stream up through 3.2. The software here is based on the OpenSSL 3.3 release.

On to the questions and answers.

What about branches?

We don't want to conflict with OpenSSL branch names. Our previous plan was to append +quic to upstream tag names to create our branches. Now that we are indpendant of OpenSSL we will need to think about this.

How are you keeping current with OpenSSL?

We will cherry-pick security and other important fixes from OpenSSL mainline as they appear. If you see a particular PR of theirs that is important to you, please open an issue.

What about library names?

Library names will be the same, but might use a different version number eventually. The version numbers for the current OpenSSL libraries are 3 (for the 3.0 branch). We will be prefixing 81 (ASCII for 'Q') to the version numbers to generate a unique version number.

For example:

libcrypto.so.81.3 vs libcrypto.so.3
libcrypto.so.81.1.1 vs libcrypto.so.1.1
libssl.so.81.3 vs libssl.so.3
libssl.so.81.1.1 vs libsslo.so.1.1

The SONAME of these libraries are all different, guaranteeing the correct library will be used.

...and the executable?

We currently do not have any plans to change the name, for compatibility.

The openssl version command will report that it is +quic enabled.

...and FIPS?

We are not doing anything with FIPS. This is actually good news: you should be able to load the OpenSSL 3 FIPS module into an application built against this fork and everything should Just Work.

How can I contribute?

We want any code here to be acceptable to OpenSSL. For now, our PR requires a checkbox saying you are authorizing the contribution under the terms of the ASF license. You might want to think about signing the appropriate OpenSSL contributor license agreements. We want this code to be usable by any and all forks, should they desire.

Who are you?

This is a collaborative effort between Akamai and Microsoft. We welcome anyone to contribute!

To learn more about HTML Tidy see http://tidy.sourceforge.net Please send bug reports to html-tidy@w3.org HTML and CSS specifications are available from http://www.w3.org/ Lobby your company to join W3C, see http://www.w3.org/Consortium To learn more about HTML Tidy see http://tidy.sourceforge.net Please send bug reports to html-tidy@w3.org HTML and CSS specifications are available from http://www.w3.org/ Lobby your company to join W3C, see http://www.w3.org/Consortium