What is the practical impact of OpenSSL being FIPS approved? Is GNU/TLS not FIPS approved? How does one get FIPS approval? Since Tenable must have removed OpenSSL from Nessus3 is Nessus3 not FIPS approved?
In any case it sounds like easiest decision is to try to replace OpenSSL with GNU/TLS so we can move the project on. Norm -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Randal T. Rioux Sent: Friday, March 16, 2007 7:55 AM To: Jan-Oliver Wagner Cc: openvas-devel@wald.intevation.org Subject: Re: [Openvas-devel] Start: replacing OpenSSL by GNU/TLS Jan-Oliver Wagner wrote: > The major and most important task, IMHO, is to replace OpenSSL by > GNU/TLS. There is no OpenSSL exception for the server > part. It is therefore illegal to distribute binary packages. I must have missed something here, but what would prevent the inclusion of OpenSSL libraries? I'm all for using GNU/TLS, but OpenSSL is FIPS approved (USA fed standard) and that is a great plus for government acceptance (my arena). > Does it make sense at all to allow compilation without SSL? > IMHO, SSL should be mandatory, but I'd be happy to stand corrected. No - I don't think so. All that data has some pretty valuable information in transit. SSL is a must in my opinion. Randy _______________________________________________ Openvas-devel mailing list Openvas-devel@wald.intevation.org http://lists.wald.intevation.org/mailman/listinfo/openvas-devel _______________________________________________ Openvas-devel mailing list Openvas-devel@wald.intevation.org http://lists.wald.intevation.org/mailman/listinfo/openvas-devel
