It seems to me that the question is this: can an application use two
FIPS-certified toolkits at the same time? For example, a FIPS certified
device for doing private key operations, and FIPS software for doing
symmetric key operations. The answer is yes. (There will be issues and
difficulties, of course: sharing key material, for example, may be
impossible.)
Most applications using FIPS toolkits use hardware devices or binary-only
libraries, where the API is not changeable. As an open source
distribution, the caveat to "stay within the boundaries" by not using
other than the FIPS API's is worth particular mention.
/r$
--
SOA Appliances
Application Integration Middleware
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
