On Thu, Jan 29, 2004 at 10:32:12AM -0500, Chris Hofstaedter wrote: > As I understand it, an enterprise that makes use of your FIPS certified DLL > can pursue an "OEM Certification". This is an abbreviated form of > certification that would actually extend to the product that uses the DLL in > addition to the DLL itself. It would be abbreviated because they only > examine the manner in which a previously certified libary is used rather > than a complete certification of the algorithms as well.
I'm not familiar with OEM certification, but from the document you quoted, it sounds like the cerficiation does not extend to the product that uses the DLL. It just allows the same DLL to be listed under a different name on NIST's web site. If my understanding is correct, I don't think this would be a good idea -- it would just cause confusion to have two different names for Crypto++.
