OpenSSL Software Foundation, Inc. Services

OpenSSL Software Foundation, Inc. (OSF) is formally a U.S. company incorporated in Maryland in 2009, but is functionally an international entity with principals located in three continents and across 15 time zones. OSF also collaborates with other open source based organizations to provide some commercial services on a joint basis.

OSF provides services to the U.S. and foreign commercial sector, the U.S. federal government, and the U.S. Department of Defense through three basic contract vehicles:

• Hourly rate on-demand consulting services; direct support from OpenSSL team members on any issues of interest to the client, as little or as much as needed. Rates start at US$225/hour. This option is popular with customers just needing short-term assistance with a specific problem or who don't know what kind or amount of assistance might be needed, but it is less cost effective for substantial amounts of work. Since we're a small organization rapid response isn't guaranteed, but the odds are good that we will respond to any specific request within a couple of days.
  
  
• Fixed rate work-for-hire, where specific deliverables can be precisely identified. This is cost-effective for more substantial software development tasks (for instance, implementation of TLS 1.2, or obtaining FIPS 140-2 validations).
  
  
• Annual software support contracts. One fixed annual fee (US$20,000 and up) for direct support with any problems with existing supported OpenSSL releases. These contracts are designed for the larger enterprise with a long term stake in OpenSSL. Since we're a small organization we limit these contracts to a select group of preferred clients. Our support contract customers receive close support (we rely on and cherish repeat business).
  

Portfolio

Past and present projects include:

• Implementation of full TLS 1.2 support in OpenSSL
  
  
• Implementation of processor specific performance optimizations.
  
  
• Multiple FIPS 140-2 validations including:
  
  
  • The OpenSSL FIPS Object Module 2.0 validation, an open source based module that can be used without charge by industry and government.
    
  • "Change letter" modifications of existing validated modules, usually to support new platforms not included in the original validation.
    
  • Multiple "private label" validations.
    
  
  
• Implementation of specific cryptographic algorithms.
  

Customers

Note many of our customers elect to engage us on a non-disclosure basis and we strictly respect any confidentiality agreements. OpenSSL Software Foundation customers include:

• Intersoft International, Inc.

• Opengear, Inc.
• QuintessenceLabs Pty Ltd
• PKWARE, Inc.
• Cerberus, LLC
• DHS Science and Technology Directorate-sponsored Homeland Open Security Technology (HOST) program
• Innominate Security Technologies AG
• PSW Group

  ---