The OpenSSL FIPS Validation #1747 is affected by the key wrapping transition
and will therefore be moved to Historical at some point.
As we’ve said, FIPS will be the focus of our next feature release after 1.1.1
(TLS 1.3).
--
openssl-users mailing list
To unsubscribe:
Hi,
NIST recently gave notice of Symmetric Key Wrapping Transition, details are
found here
https://csrc.nist.gov/projects/cryptographic-module-validation-program/notices.
It is not clear to me whether the FIPS 2.0 module is affected by this. I am
mostly curious about this part:
All
The TLS protocol puts limits on how much application data can appear in a
single record. Without knowing all the details, that seems like a very silly
requirement. There is no security reason for it.
--
openssl-users mailing list
To unsubscribe:
> > Hence, if at all, verification requirements must have been lowered in the
> > new OpenSSL version.
>
> No, it is also the case that the new version now more correctly accepts
> some chains as valid that because of bugs, the old version did not.
Understood! My reply was related to message
Dear Viktor,
that's quite an detailed elaboration. I have learned something from what you
posted, but as far as this problem is concerned, we we're able to get rid of
your problems by upgrading to OpenSSL 1.1.0g. I'm sure what you conveyed will
be of help when diagnosing future OpenSSL