Hello, Sorry if this is a bit beside OpenSSL per se, the idea behind this post is to perhaps have some information form the OpenSSL experience with FIPS validation. ?There was so much effort put into FIPS compliance that it would not be far-fetched to consider that there is also knowledge about what seems to be /protocol/ testing. I would like to know what's involved in the CAVP testing of the SSH protocol. ?I browsed the NIST CAVP web site, browsed some documents, although I haven't found any satisfying, technically-oriented, document on what has to be done if say, I have an editor opened with the SSH source code. ?Not the fully gruesome details, but an overview of how such testing works. Any comment appreciated !
