Hello,

I am using OpenSSL-1.0.2 with openssl-fips-2.0.9 and have a question.

If AES CBC Encryption is considered vulnerable to an attacker with the capability to inject arbitrary traffic into the plain-text stream, then why is it listed as an approved algorithm/option in table 4A on page 14 of the OpenSSL Security Policy?

http://openssl.org/docs/fips/SecurityPolicy-2.0.9.pdf

I am just looking for a clarification.

Thanks,
Phil

Phil Bellino
Principal Software Engineer | MRV Communications Inc.