On 12/18/2015 11:03 AM, jonetsu wrote: > Is there any current solution to have RSA 186-4 in OpenSSL FIPS (now, even if > this means an upgrade ?)
We aren't allowed to update existing validations to include that type of "cryptographically significant" change, just like we aren't allowed to fix vulnerabilities (e.g. Lucky 13). So no. We will address all new FIPS 140-2 requirements, and known vulnerabilities, and support of OpenSSL 1.1, if and when we're in a position to pursue a new open source based validation to succeed the current #1747/#2398/#2473. -Steve M. -- Steve Marquess OpenSSL Software Foundation 1829 Mount Ephraim Road Adamstown, MD 21710 USA +1 877 673 6775 s/b +1 301 874 2571 direct marqu...@openssl.com gpg/pgp key: http://openssl.com/docs/0x6D1892F5.asc _______________________________________________ openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
