aerow...@gmail.com wrote:
...
I think that this discussion is good, because it will (hopefully) lead
to a tool -- perhaps a script -- that can perform all of the tests
that we can identify on an executable to determine if it's been
statically linked with a correct fipscanister.
With all due respect ... for any such tool that you can devise my evil
twin Skippy can produce a binary that is *not* validated that your tool
cannot distinguish from a "correct fipscanister". Remember that the
criteria for validation are procedural as well as technical.
As with the conventional proprietary validations it comes down to a
vendor assertion.
-Steve M.
--
Steve Marquess
The OpenSSL Software Foundation, Inc.
1829 Mount Ephraim Road
Adamstown, MD 21710
USA
+1 877-673-6775
marqu...@opensslfoundation.com
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
