Re: OpenSSL FIPS 140-2 validation

2008-11-25 Thread joshi chandran
Hi, the last release of openssl fips 1.1.2 was not allowing shared library generation of fips capable openssl 9.7m. Will openssl fips 1.2 allow shared library generation when compiled with fips capable openssl 0.9.8j? Thanks, Joshi On Thu, Nov 20, 2008 at 1:52 PM, Dr. Stephen Henson

Re: OpenSSL FIPS 140-2 validation

2008-11-25 Thread Dr. Stephen Henson
On Tue, Nov 25, 2008, joshi chandran wrote: Hi, the last release of openssl fips 1.1.2 was not allowing shared library generation of fips capable openssl 9.7m. Will openssl fips 1.2 allow shared library generation when compiled with fips capable openssl 0.9.8j? Yes it will. Steve.

Re: OpenSSL FIPS 140-2 validation

2008-11-20 Thread Dr. Stephen Henson
On Thu, Nov 20, 2008, joshi chandran wrote: Hi, I have a different requirement. I want to release openssl 0.9.8j as a normal openssl release. I do not want to release fips capable openssl. If I remove the fips option in configure will it generate the normal openssl (without fips

Re: OpenSSL FIPS 140-2 validation

2008-11-19 Thread Dr. Stephen Henson
On Tue, Nov 18, 2008, Brad House wrote: I'm pretty ignorant when it comes to FIPS, is this a limitation of the FIPS requirements itself or a limitation of OpenSSL's FIPS validation? It is a FIPS requirement. Any idea how many root CAs use MD2WithRSAEncryption or any way to work around

Re: OpenSSL FIPS 140-2 validation

2008-11-19 Thread joshi chandran
Hi, I have a different requirement. I want to release openssl 0.9.8j as a normal openssl release. I do not want to release fips capable openssl. If I remove the fips option in configure will it generate the normal openssl (without fips capability) including all the functionality that are in

OpenSSL FIPS 140-2 validation

2008-11-18 Thread OpenSSL
Good news for developers and vendors of software for the U.S. and Canadian government market where FIPS 140-2 validated cryptography is required. The OpenSSL FIPS Object Module, a software component compatible with the OpenSSL API, has been FIPS 140-2 validated (see certificate #1051 and Security

Re: OpenSSL FIPS 140-2 validation

2008-11-18 Thread Kyle Hamilton
I dunno who I'm supposed to give feedback to, but this format of FIPS announcement needs some work. First, the subject line doesn't say anything about the version of the FIPS module that has been validated. (In this case, it should be something like OpenSSL FIPS 140-2 validation for module v1.2

Re: OpenSSL FIPS 140-2 validation

2008-11-18 Thread Dr. Stephen Henson
On Tue, Nov 18, 2008, Kyle Hamilton wrote: Second, it doesn't describe which version of the OpenSSL API that the newly-validated module supports. (in this case, it supports v0.9.8 (and requires 0.9.8i onward), but I dunno about 0.9.7?) Providing compatibility with a version bump in the API

Re: OpenSSL FIPS 140-2 validation

2008-11-18 Thread Brad House
Second, it doesn't describe which version of the OpenSSL API that the newly-validated module supports. (in this case, it supports v0.9.8 (and requires 0.9.8i onward), but I dunno about 0.9.7?) Providing compatibility with a version bump in the API is significant enough that it should be called

Re: OpenSSL FIPS 140-2 validation

2008-11-18 Thread Dr. Stephen Henson
On Tue, Nov 18, 2008, Brad House wrote: Second, it doesn't describe which version of the OpenSSL API that the newly-validated module supports. (in this case, it supports v0.9.8 (and requires 0.9.8i onward), but I dunno about 0.9.7?) Providing compatibility with a version bump in the API is

Re: OpenSSL FIPS 140-2 validation

2008-11-18 Thread Brad House
Finally, I'm getting X509_V_ERR_CERT_SIGNATURE_FAILURE errors when in fips mode during SSL negotiation, but the same binary, simply telling it via a config setting not to enter fips mode, works fine. This is to ssl3.vitalps.net:5003, specifically, but I don't have any reason to believe other

RE: OpenSSL FIPS 140-2 validation

2008-11-18 Thread David Schwartz
The problem is the root CA uses MD2WithRSAEncryption as a signature algorithm and that is prohibited in FIPS mode. I'm pretty ignorant when it comes to FIPS, is this a limitation of the FIPS requirements itself or a limitation of OpenSSL's FIPS validation? The former. FIPS does not

Re: OpenSSL FIPS 140-2 validation

2008-11-18 Thread Brad House
The problem is the root CA uses MD2WithRSAEncryption as a signature algorithm and that is prohibited in FIPS mode. I'm pretty ignorant when it comes to FIPS, is this a limitation of the FIPS requirements itself or a limitation of OpenSSL's FIPS validation? The former. FIPS does not allow the