Hi Steve, Sorry for the same questions asked many times by Openssl users.
Will the new random number generator specified in FIPS SP80-900 be included or planned to be include in the openssl v1.2.2 modules. I don't see it in the source code. Openssl is the best of all the security libraries we tried in term of performance and features, but because of the new random number, we have to investigate using other library such as Mozilla Network Security Services etc. Thank you. Ying -----Original Message----- From: owner-openssl-...@openssl.org [mailto:owner-openssl-...@openssl.org] On Behalf Of Steve Marquess Sent: Monday, January 10, 2011 4:30 PM To: openssl-dev@openssl.org Subject: New FIPS 140-2 validation underway The OpenSSL Software Foundation has a commitment for funding a FIPS 140-2 Level 1 Validation for a new and improved OpenSSL FIPS Object Module. The sponsorship for this validation comes with specific and time-sensitive requirements. The funding will be sufficient to cover the labor and expenses necessary to obtain a source code based validation generally comparable in nature to the prior and current validation #1051 (the OpenSSL FIPS Object Module v1.2.2); however only one test platform (a mobile device) will be included. The common Wintel/Lintel platforms addressed in the #1051 validation are currently *not* included. We will be checking with prospective co-sponsors who have previously expressed interest in providing partial support to see if there is interest in sponsoring additional test platforms. Any parties interested in such a contribution are encouraged to contact us at the address below. However, please note that we cannot and will not delay the progress of the validation effort in order to include additional test platforms or other enhancements or improvements not specified in our current contract. That means a window of no more than perhaps three months for the inclusion of new platforms or code changes. Previous validation efforts which were conducted in relative silence in deference to political sensitivities. This time I plan to make an ongoing effort to report on our plans and progress in detail. We will post source code as soon as possible for review and commentary, and I will relate as much detail on relevant internal discussions and issues as we are allowed to under non-disclosure restrictions. I will begin by detailing the currently planned technical scope over the next few days, as soon as we have all of the contractual paperwork fully in place. -Steve M. -- Steve Marquess OpenSSL Software Foundation, Inc. 1829 Mount Ephraim Road Adamstown, MD 21710 USA +1 877-673-6775 marqu...@opensslfoundation.com ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org </PRE><BR><span style='font-size:8.0pt;font-family:"Arial","sans-serif";color:#003366'> _____________________________________________________<BR> This electronic message and any files transmitted with it contains<BR> information from iDirect, which may be privileged, proprietary<BR> and/or confidential. It is intended solely for the use of the individual<BR> or entity to whom they are addressed. If you are not the original<BR> recipient or the person responsible for delivering the email to the<BR> intended recipient, be advised that you have received this email<BR> in error, and that any use, dissemination, forwarding, printing, or<BR> copying of this email is strictly prohibited. If you received this email<BR> in error, please delete it and immediately notify the sender.<BR> _____________________________________________________ </SPAN><PRE> ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
