In message <[EMAIL PROTECTED]> on Thu, 13 May 2004 17:42:51 -0400, Jeffrey Altman
<[EMAIL PROTECTED]> said:
jaltman> One concern with your answer is that it appears to imply that
jaltman> FIPS certification can only be useful to applications which
jaltman> statically link in all libraries. Therefore, the openssl
jaltman> distributions which are shipped by Linux vendors in RPMs
jaltman> cannot be considered FIPS certified. Correct?
The consequence would be that if OpenSSL is configured with "fips", it
should be considered to be configure without "shared", regardless of
the arguments given by the person building/script. Would that be
regarded as a viable solution?
--
Richard Levitte \ Tunnlandsv�gen 52 \ [EMAIL PROTECTED]
[EMAIL PROTECTED] \ S-168 36 BROMMA \ T: +46-708-26 53 44
\ SWEDEN \
Procurator Odiosus Ex Infernis -- [EMAIL PROTECTED]
Member of the OpenSSL development team: http://www.openssl.org/
Unsolicited commercial email is subject to an archival fee of $400.
See <http://www.stacken.kth.se/~levitte/mail/> for more info.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
