> From: "Steve Marquess" <marqu...@openssl.com> > Date: 10/21/15 14:18 > See Appendix B of the OpenSSL FIPS User Guide:
> https://openssl.org/docs/fips/UserGuide-2.0.pdf Thanks. > The specific algorithm tests have changed quite a bit since then > (constant change is part of the fun), but the general concept is the > same. The algorithm testing is the easiest part of FIPS 140-2 validations. What would you consider being the difficult parts ? > Note the CAVP only tests specific cryptographic algorithms, not > cryptographic protocol suites like SSH (secsh). OpenSSH itself is just > application code from the perspective of FIPS 140-2 and thus out of > scope ... It has to do with NDcPP 1.0 I think. Key agreement schemes and key derivation functions for several security-related communications protocols (SNMP, TLS, SSH, etc.) must now be tested as part of the algorithm test process. _______________________________________________ openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users