new FIPS module

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



> As always, if you don't care about FIPS 140 then count yourself lucky and
> move on.
> 
> Work on the new FIPS module has so far taken a backseat to higher priority
> topics like the 1.1 release and security vulnerabilities, but we should start to
> make some progress soon. I've put together a rough wiki page outlining
> some goals for the new FIPS module:
> 
>   https://wiki.openssl.org/index.php/FIPS_module_3.0
> 
> Within the very tight constraints of schedule, resources, and what is
> permitted by FIPS 140, we want this FIPS module to be as widely useful as
> possible.
> 
> If we've omitted anything of vital importance please speak up.

The fixed base address requirement causes problems for large Windows x86 applications and there isn't a great work around.  It isn't clear to me if item 2 " Support compilation in various forms" will address this or not.  An option to compile the fips module as a dll instead of a static lib would be nice or at least allow the fips capable module to be rebased.

Zeke Evans
Senior Software Engineer
Micro Focus


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux