The OpenSSL Software Foundation has a commitment for funding a FIPS 140-2 Level 1 Validation for a new and improved OpenSSL FIPS Object Module. The sponsorship for this validation comes with specific and time-sensitive requirements. The funding will be sufficient to cover the labor and expenses necessary to obtain a source code based validation generally comparable in nature to the prior and current validation #1051 (the OpenSSL FIPS Object Module v1.2.2); however only one test platform (a mobile device) will be included. The common Wintel/Lintel platforms addressed in the #1051 validation are currently *not* included.
We will be checking with prospective co-sponsors who have previously expressed interest in providing partial support to see if there is interest in sponsoring additional test platforms. Any parties interested in such a contribution are encouraged to contact us at the address below. However, please note that we cannot and will not delay the progress of the validation effort in order to include additional test platforms or other enhancements or improvements not specified in our current contract. That means a window of no more than perhaps three months for the inclusion of new platforms or code changes. Previous validation efforts which were conducted in relative silence in deference to political sensitivities. This time I plan to make an ongoing effort to report on our plans and progress in detail. We will post source code as soon as possible for review and commentary, and I will relate as much detail on relevant internal discussions and issues as we are allowed to under non-disclosure restrictions. I will begin by detailing the currently planned technical scope over the next few days, as soon as we have all of the contractual paperwork fully in place. -Steve M. -- Steve Marquess OpenSSL Software Foundation, Inc. 1829 Mount Ephraim Road Adamstown, MD 21710 USA +1 877-673-6775 marqu...@opensslfoundation.com ______________________________________________________________________ OpenSSL Project http://www.openssl.org Announcement Mailing List openssl-announce@openssl.org Automated List Manager majord...@openssl.org
