>Is the use of OpenSSL an actual legal requirement of the certification of
the FIPS object module, or just the easiest way to use it?
I'm not sure who you are asking this.
The exiting FIPS validations for OpenSSL only cover the 1.0.2 based source code.
>Difference would be partic
Hi All,
Please respond to my below query.
Currently we are using openssl_1_0_2r version and we ran the Nessus tool
on this openssl version code found The SWEET32 (
https://www.openssl.org/blog/blog/2016/08/24/sweet32/) Issue. So to
resolve that issue I am trying to disable the ‘3des’ ciph
The FOM is stand alone in theory. I.e. it isn’t mandatory to use OpenSSL 1.0
but the two are designed to work together and are very closely intertwined.
Moving the FIPS canister forward to 1.1 would be a lot of effort.
Pauli
--
Dr Paul Dale | Cryptographer | Network Security & Encryption
Pho
On 04/07/2019 09:09, syed moulana via openssl-users wrote:
> Are we expect to loose the TLS_1.3 security capability if we configure the
> openssl-1.1.1b security level to -DOPENSSL_TLS_SECURITY_LEVEL=0 ?
> or
> in other words, does it makes TLS_1.3 backwards compatible ?
> or
> we are not using
Is the use of OpenSSL an actual legal requirement of the certification of
the FIPS object module, or just the easiest way to use it?
Difference would be particularly significant in case someone created code
to use the validated FOM 2.0 module with the OpenSSL 1.1.x feature
enhancements (as the pr
Hi
Are we expect to loose the TLS_1.3 security capability if we configure the
openssl-1.1.1b security level to -DOPENSSL_TLS_SECURITY_LEVEL=0 ?orin other
words, does it makes TLS_1.3 backwards compatible ?orwe are not using TLS_1.3
if we configure like this.
ThanksSyed