On 03/09/2012 11:18 AM, Ashit Vora wrote: > Steve, > > Please see response from Randy (CMVP Director) below. It clearly > indicates older versions (including v1.2) are no longer considered > validated since they are not listed on the website:
Randy is the man, so I stand corrected. A huge number of deployed validated modules are now not validated (or rather are revealed to have been so for years). We have a new change letter in the works, so when we submit that revised Security Policy we'll put a statement in it to the effect that previous revisions of the module remain valid. I'll also check with that test lab and see if we can add that wording sooner as this particular change letter is progressing slowly due to technical issues with the new platform. -Steve M. -- Steve Marquess OpenSSL Software Foundation, Inc. 1829 Mount Ephraim Road Adamstown, MD 21710 USA +1 877 673 6775 s/b +1 301 874 2571 direct marqu...@opensslfoundation.net ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
