On 01/27/2016 11:54 AM, Jakob Bohm wrote:

> The unfortunate people who are legally required to use
> FIPS-validated crypto are legally restricted to use
> *only* the crypto sw/hw on the FIPS validated list and
> *only* in the specific configurations (OS etc.) listed
> for each on that list.

Well, there is I.G. G.5, a perfectly legitimate though often under-utilized tactic. As noted in my last message it's generally accepted that "on the list" doesn't necessarily mean a literal string match, though even then there will always be a huge number of platforms that are not formally tested OEs.

> Everybody else is better off not trying to use FIPS-
> restricted modes and setups.
>
> ...

This is a good point worth repeating: use FIPS 140-2 validated cryptography only because you must, not because you think it is somehow "better". It isn't; the validated crypto is necessarily inferior to its unvalidated equivalent (e.g. stock OpenSSL in the case of the OpenSSL FIPS Object Module) by every real world metric (security, performance, maintainability).

-Steve M.

--
Steve Marquess
OpenSSL Software Foundation
1829 Mount Ephraim Road
Adamstown, MD 21710
USA
+1 877 673 6775 s/b
+1 301 874 2571 direct
marquess at openssl.com
gpg/pgp key: http://openssl.com/docs/0x6D1892F5.asc