OpenSSL Software Services
OpenSSL Software Services (OSS) is formally a U.S. company incorporated in
Delaware in 2014, but is
functionally an international entity with principals located in three continents and across 15 time zones. OSS also
collaborates with other open source based organizations to provide some commercial services on a joint basis.
OSS provides services to the U.S. and foreign commercial sector,
the U.S. federal government, and the U.S. Department of Defense through three basic
Hourly rate on-demand consulting services; direct support from
OpenSSL team members on any issues of interest to the client, as little or as
much as needed. Rates start at US$250/hour. This option is popular with
customers just needing short-term assistance with a specific problem or
who don't know what kind or amount of assistance might be needed, but it
is less cost effective for substantial amounts of work. Since we're a
small organization rapid response isn't guaranteed, but the odds are good
that we will respond to any specific request within a couple of days.
Fixed rate work-for-hire, where specific deliverables can be
precisely identified. This is cost-effective for more substantial
software development tasks (for instance, implementation of TLS 1.2, or
obtaining FIPS 140-2 validations).
Annual software support contracts. One fixed annual fee (US$20,000
and up) for direct support with any problems with existing supported
OpenSSL releases. These contracts are designed for the larger
enterprise with a long term stake in OpenSSL. Since we're a small
organization we limit these contracts to a select group of preferred
clients. Our support contract customers receive close support (we
rely on and cherish repeat business).
Note OSS does not provide free consulting support
. Some free
support is available from the OpenSSL project and the user community through the OpenSSL
OpenSSL Validation Services
OpenSSL Validation Services (OVS)1 is formally a U.S. company
incorporated in Maryland in 2009 which currently focused on commercial and quasi-commercial activites
specific to FIPS 140-2 validations and
the OpenSSL FIPS Object Module.
Past and present projects include:
Implementation of full TLS 1.2 support in OpenSSL
Implementation of processor specific performance optimizations.
Multiple FIPS 140-2 validations including:
OpenSSL FIPS Object Module 2.0 validation, an open source based module that can be used
without charge by industry and government.
"Change letter" modifications of existing validated modules, usually to support new platforms not
included in the original validation.
Multiple "private label"
Implementation of specific cryptographic algorithms.
Note many of our customers elect to engage us on a non-disclosure basis and we strictly respect
any confidentiality agreements.
OpenSSL Software Foundation customers include: