> Yes - I do expect you to be able to build just the validated source independently of the rest of the tarball so that you could (for example) run the latest main OpenSSL version but with an older module. Which means that this doesn't have to happen in the first release since there's only one runtime that works with the one FIPS module. -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users