What the Brno F2F Means for Academics — Insights from Your Representatives
Hi all — Billy and Nikolas here. We were both at the OpenSSL F2F in Brno this May, bringing the two perspectives of this community with us: Billy from the business side and Nikolas from the technical side.
TL;DR: There are open research problems with real-world stakes on the table, a collaborative paper looking for co-authors, new low-cost ways to plug students and groups into the project, and future F2F dates will be set around academic calendars so this community can actually attend and grow.
The full write-up runs in two committee spaces, worth visiting separately: the BAC thread carries the business and governance discussion (funding direction, sustainability, engagement). The TAC thread carries the technical conversation with the specifications behind it. Both readable by anyone. Here is the academics-relevant part:
Open problems. ML-KEM (FIPS 203) side-channel testing found no timing leakage across Intel, ARM, Power, and S390X at nanosecond resolution. However, ML-DSA (FIPS 204) showed correlations between signature encoding and the key matrix that need deeper analysis. That is an open thread with deployment consequences, not a toy problem. Separately, low-memory ML-DSA/ML-KEM implementation techniques are being ported into C as a library mode and a standalone version, with a methodology write-up targeted at Real World Crypto. Early benchmarks look competitive with AVX-accelerated paths even without AVX, though the figures are provisional pending recalibration.
PKI is being rethought, and the governance question is wide open. Two IETF drafts are being prototyped: TLS Trust Anchor Identifiers (negotiate the smallest certificate that satisfies the handshake) and Merkle Tree Certificates (transparency built into issuance, post-quantum-sized certificates). Beyond the formal-analysis questions these raise, there is a structural one nobody has answered: no representative venue exists for PKI policy outside the browser world. If your interests run to Internet governance, standards, or measurement, this is a field with the chairs still unstacked.
A collaborative paper, looking for co-authors. Coming out of the week, a collaborative paper is being started on threat-model realism in security research regarding the gap between assumed attacker capabilities and deployed reality, and how to categorise research within realistic threat models so its real-world applicability can be judged. Collaborators are being invited: if your group works on side channels, applied crypto, or evaluation methodology, this is an easy on-ramp into working with the project!
Plugging students in just got cheaper. The university-course contribution model keeps proving itself: roughly 37 student pull requests in the latest run, around 20 merged. The machinery around it is being formalised: student-contribution triage tags, named maintainer contacts, and contribution guidelines for classes. Grading on process and responsiveness rather than merges alone turned out to be the design insight. The code is on GitHub at github.com/openssl/openssl. One practical note for supervisors: AI-assisted contributions are accepted where the tool is disclosed and human review confirmed, which is worth building into course policy from day one.
Lightweight affiliation, real engagement. An OpenSSL Academic Network has been established: logo-level affiliation, no financial or resource commitment. The goal is to ease collaboration and student engagement across OpenSSL-mission projects. The broader direction is toward grant-based research collaboration, invited lectures, and internships. Two calendar items: future F2F dates will be set well in advance so academics can plan around teaching, and the OpenSSL Conference call-for-papers is still open!
Lastly, two personal reflections, one from each of us.
Billy: A theme that kept resurfacing in the business sessions was one that resonates strongly with me: security research proves its value when its threat models stand up to real-world deployment. The project's message was clear: academics are wanted in the room because rigor and operational reality need each other. The focus on engagement through grants, lectures, internships, and similar initiatives is the project putting concrete structure behind that belief.
Nikolas: From the technical side, what stood out to me was the discipline. Side-channel results were reported alongside their platforms and measurement resolution. Benchmarks were clearly marked as provisional until recalibrated. Claims were held back until they had been tested. That kind of rigor creates a codebase that research groups can confidently build on. The ML-DSA encoding question is a good example of the sort of problem where a single strong paper can end up shaping deployed practice.
So now over to you: Which of these hooks fits your group's agenda? What would make collaborating with the project easier from inside a university? Anything the F2F missed that academia should put on the table? Business-side follow-ups Billy will carry into the BAC, technical ones Nikolas will take to the TAC. Moreover, there is a 6-24 month roadmap being assembled in the open that explicitly wants research-community input. So now is your chance to shape the project's future!
— Billy & Nikolas
P.S. A few impressions from Brno. It was a busy event, but there was no shortage of snacks 🙂

Nikolas Gauder ·Mon 22 Jun 2026 7:10PM
A few additional open items from the F2F that may be relevant to academia and where input would actually shape direction:
Roadmap priorities. The 6–24 month roadmap is being developed in the open. Recurring requests already captured include iOS with FIPS support, structured logging for Common Criteria, and OpenTelemetry integration. From an academic or lab perspective, which of these would actually unblock work, and which are noise?
Student engagement model. Beyond PRs and internships, there is an open question on how conference participation should work for students, e.g., research-presentation-gated access vs. broader scholarship or travel support. What model do you think is most effective?
PKI governance gap. There is still no representative non-browser governance venue for PKI policies. If you work in standards, measurement, or applied crypto, research and policy input is welcome!
Course + student integration. Further input is wanted on what would make course integration easier in practice, e.g., triage tags, clearer maintainer contacts, or class-ready contribution guidelines. What would reduce friction the most in your environment?
Scheduling. Future F2F dates are to be set around academic calendars: what constraints should be taken into account (teaching periods, exam windows, term structures, etc.)?
Any feedback / ideas are welcome!