Re: OpenSSL 1.0.2 EOL and new FIPS-validated crypto module

2019-10-22 Thread Dr Paul Dale
The FIPS module source code can’t be changed without losing validation.

Pauli
--
Dr Paul Dale | Distinguished Architect | Cryptographic Foundations
Phone +61 7 3031 7217
Oracle Australia

> On 22 Oct 2019, at 11:46 pm, Salman Baset wrote:
>
> Thank you very much. This is helpful. Will the

Re: OpenSSL 1.0.2 EOL and new FIPS-validated crypto module

2019-10-22 Thread Salman Baset
Thank you very much. This is helpful. Will the support also include any updates to the FIPS compatible part, or is that out of scope because any update essentially invalidates existing FIPS cert for potential use?

On Mon, Oct 21, 2019 at 11:56 AM Dr Paul Dale wrote:
> The EOL date for OpenSSL

Re: OpenSSL 1.0.2 EOL and new FIPS-validated crypto module

2019-10-21 Thread Dr Paul Dale
The EOL date for OpenSSL 1.0.2 will not be extended. It is possible to purchase premium level support which will provide 1.0.2 updates beyond its normal end of life.

See: https://www.openssl.org/support/contracts.html#premium

Pauli
--

Re: OpenSSL 1.0.2 EOL and new FIPS-validated crypto module

2019-10-21 Thread Salz, Rich via openssl-users
* Lastly, is there any chance of extending the EOL date of OpenSSL 1.0.2 till the new FIPS module/OpenSSL 3.0 becomes available?

This question gets asked a great deal. Why? The OpenSSL project has not done any 1.0.2-FIPS work for years. This means that if there are any CVE-level bugs in

OpenSSL 1.0.2 EOL and new FIPS-validated crypto module

2019-10-21 Thread Salman Baset
Hello everyone,

I was wondering if there is any update on getting a new FIPS-validated module for OpenSSL by the end of this year (before EOL of 1.0.2), as was mentioned in this blog post: https://www.openssl.org/blog/blog/2018/09/25/fips/

According to this email, the new FIPS module is