OpenSSL is "publicly available code" and thus has an export exemption.
Things linked with it, however, may not be, depending on their
configuration.
-Kyle H
On Thu, May 28, 2009 at 1:05 PM, Bob Bell wrote:
> Folks -
>
> I have a basic question relative to the FIPS openSS
Thanks to all for the information that was exchanged. It did help me
understand.
Bob Bell
On Thu, May 28, 2009 at 2:05 PM, Bob Bell wrote:
> Folks -
>
> I have a basic question relative to the FIPS openSSL lib and US export
> control law. As I understand it, in order for the openSS
The platform is AIX. I have used the fipsld to link the application and
digest was properly embedded in the application executable.
I have wriitten a small pbm to test this.
main()
{
int (*dlsym_fips_mode_set)(int);
void *handle=dlopen("/usr/lib/libcrypto.a(libcrypto.so.0.9.8,"RT_LAZY");
dlsym_
On Fri, May 29, 2009, tensy joseph wrote:
> I have gone through the user guide again , i am little confused now . This
> statement makes me confuse
>
> A HMAC-SHA1 digest of the FIPS Object Module code and read-only data must be
> generated and embedded in the application executable object for us
I have gone through the user guide again , i am little confused now . This
statement makes me confuse
A HMAC-SHA1 digest of the FIPS Object Module code and read-only data must be
generated and embedded in the application executable object for use by
the FIPS_mode_set()
function at runtime initiali
My libcrypto.a is a shared library and also fipscansiter.o has been
incorporated in a shared library libcrypto.a .So to get the fipscanister.o
at compile time , it need to link with libcrypto.a at the compile time in
order to check hmac-sha1 integrity test of fipscanister.o embedded in the
libcryp
On Fri, May 29, 2009, tensy joseph wrote:
> Still now i was believing that to all the application should link to
> libcrypto library at the compilation so that it can check the fipscanister.o
> hash value in the library with the prevouisly stored fips .
>
> As the user guide says
>
>
> 1. The H
ell wrote:
>
> >
> > I have a basic question relative to the FIPS openSSL lib and US export
> > control law. As I understand it, in order for the openSSL lib to run as a
> > FIPS certified module, it must be configured to be loaded as a
> dynamically
> > linked libr
On Thu, May 28, 2009, Bob Bell wrote:
>
> I have a basic question relative to the FIPS openSSL lib and US export
> control law. As I understand it, in order for the openSSL lib to run as a
> FIPS certified module, it must be configured to be loaded as a dynamically
> linked libra
On Thu May 28 2009, Bob Bell wrote:
> Folks -
>
> I have a basic question relative to the FIPS openSSL lib and US export
> control law. As I understand it, in order for the openSSL lib to run as a
> FIPS certified module, it must be configured to be loaded as a dynamically
>
Folks -
I have a basic question relative to the FIPS openSSL lib and US export
control law. As I understand it, in order for the openSSL lib to run as a
FIPS certified module, it must be configured to be loaded as a dynamically
linked library. If that is so, how do you get a export classification
On Fri, Aug 22, 2008 at 3:57 PM, Kenneth Goldman <[EMAIL PROTECTED]> wrote:
> If that's the rationale, I eagerly await 1.0. The lack of a stable
> API has hurt me far too many times. I encourage the developers
> to freeze the existing API.
The core OpenSSL developers already stick to that partic
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Kenneth Goldman wrote:
| > The decision in the case of OpenSSL was that 1.x would have a
stable API,
| > permitting shared libraries to be used interchangeably. OpenSSL
does not
| > have a stable API yet, officially.
|
| If that's the rationale, I
> The decision in the case of OpenSSL was that 1.x would have a stable API,
> permitting shared libraries to be used interchangeably. OpenSSL does not
> have a stable API yet, officially.
If that's the rationale, I eagerly await 1.0. The lack of a stable
API has hurt me far too many times. I enc
> We're thinking of using openssl in our company but wondering about the
version number.
Rach,
OpenSSL is a great product. It is very widely used and adopted throughout
the world. If you ripped it off the face of the planet right now, it would
be catastrophic because so many people and systems
Hi,
> Why the latest version is still 0.9.x, why it hasn't bumped up to 1.x in
> last 8 years. Generally 1.x defines a stable version.
hmm, I personally would not get hung up on '1.x is stable' -
having used dozens of platforms and software versions
to run network delivery solutions I can tell y
> Hi,
> We're thinking of using openssl in our company but wondering
> about the version number.
> Why the latest version is still 0.9.x, why it hasn't bumped up
> to 1.x in last 8 years. Generally 1.x defines a stable version.
> Any insight would be helpful in making a decision.
> Thanks,
> Ra
Hi,
We're thinking of using openssl in our company but wondering about the
version number.
Why the latest version is still 0.9.x, why it hasn't bumped up to 1.x in
last 8 years. Generally 1.x defines a stable version.
Any insight would be helpful in making a decision.
Thanks,
Rach
18 matches
Mail list logo
