List of priorities for distributions - please cast your vote!
dot vote by Jaroslav Reznik Closing Tue 17 Feb 2026 3:00PM
What is this poll about?
At the OpenSSL Distribution Community meeting in Brussels (on 30th January, 2026), the distribution community was tasked to provide actionable list of priorities for distributions. As not all distributions were present on site, or virtually, we would like to give them the opportunity to cast a vote.
The whiteboard with votes from participating distributions (Red Hat, CentOS, Fedora, Ubuntu, Chainguard, SUSE, Microsoft).
Why is this important?
OpenSSL Corporation and Foundation need the input from the broader distribution community to prioritise development. Distribution Community providing the list of priorities would be seen as a partner in the development of the OpenSSL project.
What are you asking people to do?
Please provide votes for up to five priorities from the list.
Thank you for your participation!
Current results
| Current results | Option | % of points | Points | Mean | Voters | ||
|---|---|---|---|---|---|---|---|
|
|
Patch upstreaming | 12 | 3 | 1 | 5 | ||
|
|
Session resumption performance | 12 | 3 | 1 | 5 | ||
|
|
EVP_sha256() should use fetch internally (for speed) | 12 | 3 | 1 | 5 | ||
|
|
Configurability (crypto-policies, x509 requirements) | 12 | 3 | 1 | 5 | ||
|
|
EVP prefetch & caching (store freeze) | 12 | 3 | 1 | 5 | ||
|
|
Regression testing (e.g. Python, Node, Ruby) | 12 | 3 | 1 | 5 | ||
|
|
Publicity work: talking the talk | 12 | 3 | 1 | 5 | ||
|
|
OpenSSL language bindings / Rust crate | 8 | 2 | 0 | 5 | ||
|
|
Rust crypto under OpenSSL umbrella | 4 | 1 | 0 | 5 | ||
|
|
Statically linked FIPS (provider) | 4 | 1 | 0 | 5 | ||
| Easy on-boarding experience | 0 | 0 | 0 | 5 | |||
| Always green CI | 0 | 0 | 0 | 5 | |||
| Bare metal target (UEFI/Secure Boot) | 0 | 0 | 0 | 5 | |||
| Easy API | 0 | 0 | 0 | 5 | |||
| Undecided | 0 | 0 | 36 |
5 of 41 votes cast (12% participation)
Dmitry Belyavsky Tue 3 Feb 2026 3:46PM
| 1 - OpenSSL language bindings / Rust crate | |
|
|
|
| 1 - EVP prefetch & caching (store freeze) | |
|
|
|
| 1 - Session resumption performance | |
|
|
|
| 1 - EVP_sha256() should use fetch internally (for speed) | |
|
|
|
| 1 - Configurability (crypto-policies, x509 requirements) | |
|
|
|
| 0 - Publicity work: talking the talk | |
|
|
|
| 0 - Bare metal target (UEFI/Secure Boot) | |
|
|
|
| 0 - Statically linked FIPS (provider) | |
|
|
|
| 0 - Patch upstreaming | |
|
|
|
| 0 - Easy API | |
|
|
|
| 0 - Rust crypto under OpenSSL umbrella | |
|
|
|
| 0 - Regression testing (e.g. Python, Node, Ruby) | |
|
|
|
| 0 - Easy on-boarding experience | |
|
|
|
| 0 - Always green CI | |
|
|
I replicated my voices from the meeting. Basically I think that EVP_sha256 and store_freeze are heavily linked features
Ravi Tue 3 Feb 2026 3:46PM
| 1 - EVP prefetch & caching (store freeze) | |
|
|
|
| 1 - Regression testing (e.g. Python, Node, Ruby) | |
|
|
|
| 1 - EVP_sha256() should use fetch internally (for speed) | |
|
|
|
| 1 - Session resumption performance | |
|
|
|
| 1 - Patch upstreaming | |
|
|
|
| 0 - OpenSSL language bindings / Rust crate | |
|
|
|
| 0 - Publicity work: talking the talk | |
|
|
|
| 0 - Bare metal target (UEFI/Secure Boot) | |
|
|
|
| 0 - Statically linked FIPS (provider) | |
|
|
|
| 0 - Easy API | |
|
|
|
| 0 - Rust crypto under OpenSSL umbrella | |
|
|
|
| 0 - Configurability (crypto-policies, x509 requirements) | |
|
|
|
| 0 - Easy on-boarding experience | |
|
|
|
| 0 - Always green CI | |
|
|
In internal discussions, performance and regression testing were identified as highest priority for Ubuntu users. More Rust in Distro is introducing its own set of challenges wrt various crypto libs, fips, and long term support for the `main` archive. This is early days, we are going to monitor developments before committing to a specific solution.
Could somebody please add Ubuntu 24.04 to https://openssl-library.org/performance/? (or point to instructions)
James Bourne Tue 3 Feb 2026 3:46PM
| 1 - EVP_sha256() should use fetch internally (for speed) | |
|
|
|
| 1 - Publicity work: talking the talk | |
|
|
|
| 1 - Session resumption performance | |
|
|
|
| 1 - EVP prefetch & caching (store freeze) | |
|
|
|
| 1 - Patch upstreaming | |
|
|
|
| 0 - Always green CI | |
|
|
|
| 0 - OpenSSL language bindings / Rust crate | |
|
|
|
| 0 - Bare metal target (UEFI/Secure Boot) | |
|
|
|
| 0 - Statically linked FIPS (provider) | |
|
|
|
| 0 - Easy API | |
|
|
|
| 0 - Rust crypto under OpenSSL umbrella | |
|
|
|
| 0 - Configurability (crypto-policies, x509 requirements) | |
|
|
|
| 0 - Regression testing (e.g. Python, Node, Ruby) | |
|
|
|
| 0 - Easy on-boarding experience | |
|
|
Session resumption, EVP_sha256 and EVP prefetch to improve performance vs 1.1.1. Patch upstreaming: less rebasing. Publicity: advise community/users/etc. of what's new and why it's better.
Anton Arapov · Tue 3 Feb 2026 3:58PM
@Jaroslav Reznik There is a lot of context missing from just a photo. I think it makes much more sense to get this (almost) at the item level, describing the meaning of each one, at least briefly.
At this point, this thread may help clarify what each item means. I welcome those who were present at the meeting to contribute context.
Thanks!