On Wed, Jan 25, 2012 at 06:35:58PM -0500, Steve Marquess wrote: > > A rough rule of thumb is that if you create a FIPS module > (fipscanister.o) on a formally tested platform (O/S and processor as > listed in the Security Policy), and if that binary file when copied
Does the Security Policy list the compiler? When I did this, years ago, I think we did not have to specify the compiler even when we applied for our algorithm certificates. That seemed very, very wrong, since one of the changes most likely to break a highly optimized implementation of an algorithm is a change to the compiler! ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [email protected]
