RSA and FIPS 186-4 in OpenSSL 1.0.1e/fips-2.0.9

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 12/18/2015 11:03 AM, jonetsu wrote:
> Is there any current solution to have RSA 186-4 in OpenSSL FIPS (now, even if
> this means an upgrade ?)

We aren't allowed to update existing validations to include that type of
"cryptographically significant" change, just like we aren't allowed to
fix vulnerabilities (e.g. Lucky 13).

So no.

We will address all new FIPS 140-2 requirements, and known
vulnerabilities, and support of OpenSSL 1.1, if and when we're in a
position to pursue a new open source based validation to succeed the
current #1747/#2398/#2473.

-Steve M.

-- 
Steve Marquess
OpenSSL Software Foundation
1829 Mount Ephraim Road
Adamstown, MD  21710
USA
+1 877 673 6775 s/b
+1 301 874 2571 direct
marquess at openssl.com
gpg/pgp key: http://openssl.com/docs/0x6D1892F5.asc
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux