On 13/08/2010 5:12 AM, Dave Thompson wrote:
I'm not sure why they even used an HMAC in the Policy.
Probably the 'priests' just liked it. It doesn't add anything.
Any actual security comes from having the digest, *or* HMAC,
protected by a different means than the subject data.
And unfortunately having both of them on the same website,
even though it is a fine website, doesn't really do that.
The PGP-signing does; but then you need PGP (or GPG).
Comparing multiple mirrors defends against an attack on
only one website (or a handful), but is more work, and
defeats the traditional bandwidth-saving purpose of mirrors.
Life is imperfect.

The HMAC-SHA1 value is on a different website - it is contained in the Security Policy document for which the definitive source is on the NIST CMVP website at http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140sp/140sp1051.pdf

The separate MD5 and SHA1 values on http://www.openssl.org/source/ have nothing to do with the HMAC-SHA1 (and there is also a PGP signature for each file there too).

Note: vendors are permitted to update validations (after verification by the testing lab), including updates to the security policy document, which is what was done when the cross compilation support for the FIPS140 build was added in November 2009. When working with a FIPS140 validated cryptographic module you have to check the status on the NIST website to have current information.

Tim.

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org
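
The point both messages turn on, that a digest or HMAC only helps when the reference value arrives by a different channel than the file, shown as an added example (not part of the original thread and not OpenSSL project code). It assumes the HMAC key is published together with the expected value; `PUBLIC_KEY` is a placeholder and the "tarball" bytes are constructed sample data.

```python
import hashlib
import hmac
import io

# Assumption: placeholder key. The real key and expected value live in the
# Security Policy document; neither is reproduced here.
PUBLIC_KEY = b"PLACEHOLDER-PUBLISHED-KEY"


def hmac_sha1_hex(stream, key, chunk_size=65536):
    """Stream a file-like object through HMAC-SHA1 and return the hex digest."""
    mac = hmac.new(key, digestmod=hashlib.sha1)
    for chunk in iter(lambda: stream.read(chunk_size), b""):
        mac.update(chunk)
    return mac.hexdigest()


def verify(stream, key, reference_hex):
    """Compare the computed value with a reference value in constant time."""
    computed = hmac_sha1_hex(stream, key)
    return hmac.compare_digest(computed, reference_hex.strip().lower())


def demo():
    # Constructed sample data standing in for the source tarball.
    genuine = b"constructed stand-in for the genuine tarball bytes\n" * 1000
    tampered = genuine.replace(b"genuine", b"altered", 1)

    # Reference value held by an independent source (the policy document).
    independent_ref = hmac_sha1_hex(io.BytesIO(genuine), PUBLIC_KEY)

    # Whoever can replace the file on a site can also replace a value stored
    # next to it: with a published key the HMAC is recomputable by anyone.
    colocated_ref = hmac_sha1_hex(io.BytesIO(tampered), PUBLIC_KEY)

    return {
        "genuine_vs_independent": verify(io.BytesIO(genuine), PUBLIC_KEY, independent_ref),
        "tampered_vs_colocated": verify(io.BytesIO(tampered), PUBLIC_KEY, colocated_ref),
        "tampered_vs_independent": verify(io.BytesIO(tampered), PUBLIC_KEY, independent_ref),
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {'match' if ok else 'MISMATCH'}")
```

Only the comparison against the independently held reference rejects the altered file; the co-located value matches it.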