The long awaited validation of the OpenSSL FIPS Object Module v2.0 ("2.0 module") is now complete:
http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/1401val2012.htm#1747 The 2.0 module is designed for use with OpenSSL 1.0.1. This module is similar in many ways to the earlier OpenSSL FIPS Object Module 1.2 ("1.2 module"), currently available with the most recent revision level of 1.2.4. The 1.2 module is only compatible with OpenSSL 0.9.8. One very important difference to note is that a new requirement has been imposed on the distribution of the 2.0 module. The CMVP (the program granting the validation) has specifically disallowed the conventional process of downloading the source code distribution from a web site. To use the 2.0 module for production purposes where FIPS 140-2 validation is to be claimed the source must be obtained by a "secure path", and the most feasible such mechanism is transfer via physical media, i.e. a snail-mailed CD-ROM disk. We will provide such disks at no charge for as long as possible, see: http://openssl.com/fips/verify.html for instructions on requesting a disk. The User Guide document has been extensively updated and expanded for the 2.0 module, and that document will be maintained in two separate versions for the 1.2 and 2.0 modules: http://www.openssl.org/docs/fips/UserGuide-1.2.pdf http://www.openssl.org/docs/fips/UserGuide-2.0.pdf -Steve M. -- Steve Marquess OpenSSL Software Foundation, Inc. 1829 Mount Ephraim Road Adamstown, MD 21710 USA +1 877 673 6775 s/b +1 301 874 2571 direct marqu...@opensslfoundation.com marqu...@openssl.com ______________________________________________________________________ OpenSSL Project http://www.openssl.org Announcement Mailing List openssl-announce@openssl.org Automated List Manager majord...@openssl.org