It should be public, and probably must be public, given it is supposed
to be true open-source, etc. Everyone should be able to do test builds
(on all types of architectures and variants etc) to iron out bugs, etc,
before being submitted for validation. I'd be very surprised if it
wasn't available for preview somewhere. It would be good if there was a
development page somewhere for FIPS related news, etc.
Cheers, Brendan.
Kyle Hamilton wrote:
The FIPS validation process is... odd. And not at all conducive to
the open-source development model.
There is no available OpenSSL FIPS Object Module v1.2. Until it
passes validation, anyway, at which point the
openssl-fips-1.2.0.tar.gz file will be made available. I don't think
the source is actually even in the public CVS. (I would like to see a
preview version that I can at least link things that use the API
against, even if everything's stubbed out. :P)
I do have to ask, though: is this one going to compile properly on
Intel-based Macs? 1.1 and 1.1.1 didn't.
-Kyle H
On Nov 29, 2007 5:22 PM, Brendan Simon < [EMAIL PROTECTED]
<mailto:[EMAIL PROTECTED]>> wrote:
Where can I find information about OpenSSL FIPS Object Module v1.2 ???
Where can this be downloaded from? CVS only? Or are there tarballs
somewhere?
Where does FIPS related development/discussion take place? Just the
users mailing list?
Is there a spot on the website dedicated to FIPS related
information? I
can't find anything?
Cheers, Brendan.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
