> In the future, this may change if/when OpenSSL does another FIPS validation. > CMVP has changed the implementation guidance that requires the POST to run > automatically without user intervention. Any future FIPS validations would > be subject to the new rules. Hence, the behavior of FIPS_mode_set() may > change in the future if OpenSSL decides to pursue another validation. > Ouch! It was bad enough when they pounded the square hardware peg into a round software hole. I see they lack practical experience in software development, so now they are forcing folks into doing things that can be questionable (and even ill-advised on a platform).
