Re: Will my application be FIPS 140-2 Certified under following conditions?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 08/07/2019 10:12, Dr Paul Dale wrote:
I have to disagree with the “decision not to make a FIPS module for the current 1.1.x series” comment.  Technically, this is true.  More practically, 3.0 is intended to be source compatible with 1.1.x.  Thus far, nothing should be broken in this respect.

The key word is "intended".

If support for 1.0.2 is required beyond the end of this year, it is available: https://www.openssl.org/support/contracts.html

I am unsure if this is an affordable route for all affected users
and distributions (especially non-profit OS distributions).


I’d also be interested to know what is wrong with the policy page?


Only that it states the policy of stopping 1.0.2 support at end of
2019, which would be fine if a FIPS-capable replacement had been
ready by now (as is fortunately the case for non-FIPS).

Enjoy

Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S.  https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark.  Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded




[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux