This one should really go to OpenSSL-Users, not OpenSSL-Dev.
On Tue, 4 Dec 2001, Tina Anderson wrote:
> Has anyone investigated obtaining FIPS 140-1 validation for OpenSSL?
>
> FIPS 140-1 is a U.S. government standard for implementations of
> cryptographic modules.
The validation process is time and money expensive. For an OpenSource
project, it's always difficult. Who will pay? And for which version? (if
you continue to develop the product, then it's no longer FIPS140-1
validated).
That could be a good idea, but I think OpenSSL isn't ready yet, apart from
the money issue...
--
Erwann ABALEA
[EMAIL PROTECTED]
RSA PGP Key ID: 0x2D0EABD5
-----
``In theory, practice and theory are the same, but in practice they
are different.''
Larry McVoy
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
