The security policy states that the fips-approved sources, when compiled on a system that allows for verification that the compiled library has not been changed (via a fairly complex examination of process executable space), create a library that is FIPS 140-2 validated.
I think that's probably what took so long. -Kyle H On 4/13/06, Hank Cohen <[EMAIL PROTECTED]> wrote: > Right you are! My mistake. > I knew it was under development but no draft has been issued yet. > > Here's a new question. > When OpenSSL got it's NIST algorithm certifications were they only for > specific processors? I notice that the Open Source Software Institute > certs > were done on a HP 9000 whereas other certs using the OpenSSL library > were done on PowerPC and Pentium. > > What other support for FIPS 140 are in the OpenSSL-fips library? > (It is perfectly fine to say RTFM but kindness would dictate that you > point me to the proper one.) > > Regards, > Hank Cohen > > > > -----Original Message----- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED] On Behalf Of Richard Salz > > Sent: Thursday, April 13, 2006 7:00 PM > > To: openssl-users@openssl.org > > Cc: openssl-users@openssl.org; [EMAIL PROTECTED] > > Subject: RE: Not FIPS if app uses other crypto? > > > > > First of all I assume that we are talking about FIPS 140-2 [or 3 but > > > that's not mandatory anywhere yet]. > > > > Mandatory? 140-3 isn't even issued yet. :) > > > > /r$ > > > > -- > > SOA Appliances > > Application Integration Middleware > > > > > > ______________________________________________________________________ > > OpenSSL Project http://www.openssl.org > > User Support Mailing List openssl-users@openssl.org > > Automated List Manager [EMAIL PROTECTED] > > > > > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager [EMAIL PROTECTED] > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
