It's FIPS validation, not certification. (Not that I'm entirely sure what the difference is, because when a validation is completed a certificate is issued, but I've been corrected enough times by the reps from the Open Source Software Institute that I don't dare call it anything else. :))
fips-1.2.0 has not completed the validation process, so the documentation does not exist. fips-1.1.2 has been validated with certificate 918. fips-1.1.1 validation is revoked, but was validated with certificate 733. (Interestingly, the csrc.nist.gov site doesn't show it as being revoked, but it is -- I expect this will be fixed in the near future) fips-1.0 is not available, but was validated with certificate 642. http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140val-all.htm is the official list, and has links to both the certificates and the security policies. Note YOU MUST FOLLOW THE SECURITY POLICIES EXACTLY OR ELSE THE RESULTING LIBRARY WILL NOT BE COMPLIANT. This includes shutting your UNIX machine down to single-user mode during the build process. It probably would not hurt to write down everything that you do in a timestamped log so that you can prove that you have followed the security policy. -Kyle H On Tue, Aug 19, 2008 at 11:02 AM, Prashant Kumar <[EMAIL PROTECTED]> wrote: > Hello All, > > Where can I find the documentation for OpenSsl FIPS certification ? > > Any help is appreciated. > > Regards, > Prashant. ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
