On Wed Oct 23 21:06:00 2013, mco...@akamai.com wrote: > > For my curiosity, what's difficult about modifying FIPS? More involved > change-vetting process? >
Any change has to be approved as part of a change letter process with labs which takes time and costs real money. We normally try to include any fixes whenever someone wants a change letter for another purpose. Changes to what is deemed "security sensitive code" can't be done at all without a complete revalidation. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org