https://bugzilla.mindrot.org/show_bug.cgi?id=2995
Francois <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |[email protected] --- Comment #2 from Francois <[email protected]> --- One big advantage to having the option to offload SSH KDF to OpenSSL is potential easier FIPS compliance. Assuming OpenSSL goes through FIPS validation where its SSH KDF implementation is FIPS validated, then if OpenSSH was to offloads its KDF to OpenSSL one could claim "FIPS Inside" for OpenSSH. As of today this is not possible because key derivation is done by OpenSSH, not by OpenSSL. -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug. _______________________________________________ openssh-bugs mailing list [email protected] https://lists.mindrot.org/mailman/listinfo/openssh-bugs
