In this section we try to document as many of our policies and procedures as possible. We do this for two reasons:

• First, we want to to make sure everyone knows how the project is run. For example, when we announce a forthcoming fix for a high-severity bug, the Security Policy explains what that means.
• Second, it helps us be consistent. For example, the Release Strategy defines the plan of record of when, and how long, various releases will be supported.

Put another way, by being as transparent as possible, we hope to reduce the chance that people are surprised by what we do, and we hope to help maintain predictable behavior within the project.

The Roadmap describes our overall goals and plans for OpenSSL. It is a living document and is expected to change over time. Objectives and dates should be considered aspirational.

If you want to contribute code or fixes to the project, please read the Coding Style page. For legal obligations of contributors, see the page on Contributor Agreements.

We are pleased to mention that we follow the best practices of the Core Infrastructure Initiative.