On Fri, 28 Jan 2022, bch wrote:
That said, isn’t it still a (US) govt approved (FIPS[0]) piece of software,
and valuable in that way?
I don't think so. That's all legacy now.
I think by now, wolfSSL is the leading FIPS licensed TLS library [1] (as also
my employer, you should consider me biased) but OpenSSL also used to be
approved and I believe they are aiming to get it again [2].
(With the big caveat that this is not my area of expertise.)
Also, that's not really a factor that changes much how I view NSS. If they
can't tell us how to use the library, they can be licensed and approved all
they want. It doesn't help us.
[1] = https://www.wolfssl.com/license/fips/
[2] = https://www.openssl.org/docs/fips.html
--
/ daniel.haxx.se
| Commercial curl support up to 24x7 is available!
| Private help, bug fixes, support, ports, new features
| https://curl.se/support.html
--
Unsubscribe: https://lists.haxx.se/listinfo/curl-library
Etiquette: https://curl.haxx.se/mail/etiquette.html
