OpenSSL Communities
Mon 21 Jul 2025 4:44PM

Removal of SSLv3

Nicola Tuveri

The Foundation is asking the BAC’s feedback on a PR that proposes to remove support for SSLv3 entirely from the codebase, more details here: https://openssl-communities.org/d/rGYnVkxK/removal-of-sslv3

I would like to know what our community's views on this are, so that I can report them within the BAC.

Should this be done at all? Wait for 4.0 (April 2026) or would this be ok already for 3.6 (October 2025) if it qualifies for a minor release update in terms of not breaking compatibility?

Please help me represent the academics view on this matter.


Milan Broz Tue 22 Jul 2025 7:01AM

Remove it, but such changes should go into major releases, here 4.0. The problem is that you can still use 3.x in obscure scenarios (compiling it yourself, for example, to access some very old, non-upgradable lab equipment). I would not expect something to disappear in a 3.x upgrade (until it is not a critical fix).


Peter Gutmann Tue 22 Jul 2025 1:12PM

Just as a data point, I removed the SSLv3 code from cryptlib some years ago, and that's with a lot of embedded users that hang onto old stuff forever, and no-one has ever complained. If nothing breaks I'd say remove it from 3.6.

TLS 1.0 OTOH, that's not going to be so easy to get rid of, there's a still-supported device running TLS 1.0 a few metres from where I'm sitting.


Shubham Kumar Thu 24 Jul 2025 8:32PM

Given the long deprecation timeline and the availability of upgraded protocols, it would be best to remove at the earliest release (in my opinion, not r3.6, but maybe r3.7 instead). This would provide enough time for any legacy software still depending on it to migrate to more secure and modern alternatives. From a broader perspective, migrating to higher versions will be beneficial for the ecosystem as a whole as well.

And a pre-announcement from OpenSSL will be great in alerting the broader community and encouraging proactive upgrades.

That said, if ABI stability is a major concern, deferring the removal to 4.0 will make more sense.