Meeting Minutes: Board and BAC Monthly (2025-03-24)

Below are the minutes from the recent BAC and Board of Directors meeting. All members receiving this notification are encouraged to review the minutes and actively participate in the discussion. That's one of the opportunities to engage directly with BAC members by replying in the thread below. Your input helps us ensure the OpenSSL community remains transparent, collaborative, and responsive to your needs.

Attendees

@Anton Arapov, @James Bourne, @Paul Dale, @Tim Hudson, @Jaroslav Reznik
Absent: @Katerina Micova, @Jeff Johnson, @Billy Brumley, @Randall Becker

Agenda

1. Updates on the Business Advisory Committee.

2. Community engagement and feedback mechanisms.

Summary

The meeting focused on discussing community engagement and feedback regarding OpenSSL features, with participants sharing insights on upcoming presentations and outreach efforts. Key topics included the need for better communication and transparency within the community, particularly regarding the Advisory Committee and ongoing projects. Additionally, there was consensus on the importance of the Board of Directors keeping the community and BAC members informed about internal OpenSSL developments.

Key points

Technical Advisory Committee (TAC)

• Anton announced that elections for the Technical Advisory Committee will occur in three weeks, with nominations currently being gathered.

• There was a discussion about the need for better community engagement and input regarding future OpenSSL releases.

Community Engagement and Feedback

• Anton emphasized the importance of understanding community needs and desires for future features in OpenSSL.

• James expressed the need for clarity on the list of features and how to approach the community for feedback.

• Paul shared insights from two separate polls conducted within the academic and committers' communities, highlighting the top requested features: encrypted client hello, and constant time big number operations.

Binaries and Development

• James mentioned ongoing discussions with engineering teams regarding the development of binaries for Windows.

• Anton confirmed that the expectation is for the engineering team to reach out to James for further discussions on implementation.

Outreach and Presentations

• James outlined his plans for outreach, including presentations to various cybersecurity groups in Australia to gather feedback on community needs.

• He proposed creating a slide deck to summarize OpenSSL's history, upcoming features, and how to contribute, seeking Anton's assistance in developing this content.

Cyber Resilience Act (CRA)

• Jaroslav discussed the implications of the Cyber Resilience Act in Europe and the need for OpenSSL to be aware of its potential impact.

• He plans to prepare a report from the conference to share insights with the OpenSSL community.

Community Communication and Transparency

• There was a consensus on the need for improved communication regarding the activities of the BAC/TAC and the broader OpenSSL community.

• Tim suggested making meeting minutes accessible and encouraging community participation in discussions about the minutes.

• The group discussed the importance of transparency in operations and how to better inform community members about ongoing activities.

Future Actions

• Anton will create a report summarizing the meeting and share it with attendees.

• Jaroslav will reach out to distribution communities to enhance engagement before the face-to-face meeting.

• James will draft a message to encourage participation in the small business community and share it with Anton for review.

• Tim will consider incorporating community-related content into his upcoming presentation at ICMC.