On 03/08/2012 05:12 PM, Steve Marquess wrote: > On 03/08/2012 04:05 PM, Ashit Vora wrote: >> Thanks Steve. This makes sense (i.e. newer versions subsuming older >> versions). >> >> However given that 1.2 is no longer listed on the NIST website, that >> version can no longer be considered FIPS validated. This is an issue for >> deployed products that have depended on v1.2 for FIPS compliance. > > Well, I disagree. Though I will be the first to note that only the CMVP > is in a position to make any authoritative pronouncements.
I should also point out that the certificate still references the original revision number 1.2: http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140crt/140crt1051.pdf -Steve M. -- Steve Marquess OpenSSL Software Foundation, Inc. 1829 Mount Ephraim Road Adamstown, MD 21710 USA +1 877 673 6775 s/b +1 301 874 2571 direct marqu...@opensslfoundation.net ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
