On 03/26/2015 01:00 PM, Marcus Meissner wrote:
> ...
>>
>> Unfortunately FIPS 140-2 validation conflicts rather violently with open
>> source software (and with software engineering best practice in general,
>> for that matter). Even if some benevolent benefactor ponied up the
>> quarter megabuck it would take to do an open source based kernel crypto
>> validation, it would be fossilized code obsolete before the validation
>> was even approved. Linux got to be as good as it is due to constant
>> refinement and improvement; FIPS validation presumes that it is possible
>> to write perfect code in one shot and that the environment that code
>> runs in never changes.
>
> This is not true.
>
> Both Redhat and SUSE have certified or are currently in the process of
> certifying the Linux Kernel as a cryptographic module and it is not
> as hard as you make it.
>
> ...

As you note *binary* validations are a lot easier. Many such Level 1
software validations have been done (something like a thousand),
including ones by Red Hat, SuSE, and hundreds of "private label" *binary*
validations based on the OpenSSL FIPS Object Module (many using that code
verbatim). In fact the majority of all Level 1 software validations are
derived from OpenSSL code. We've done a number of those private label
validations ourselves, incidentally.

But, as someone who has been at ground zero of each of the only open
source based FIPS 140-2 validations that have ever been done I can tell
you that those are *much* harder.

-Steve M.

--
Steve Marquess
OpenSSL Software Foundation, Inc.
1829 Mount Ephraim Road
Adamstown, MD 21710
USA
+1 877 673 6775 s/b
+1 301 874 2571 direct
marquess at opensslfoundation.com
marquess at openssl.com
gpg/pgp key: http://openssl.com/docs/0x6D1892F5.asc