Am Mittwoch, 8. Januar 2014, 13:36:37 schrieb Dr. Stephen Henson: Hi Stephen,
>On Wed, Jan 08, 2014, Abdul Anshad wrote: >> Hello All, >> >> I noticed in trying to build OpenSSL 1.0.0l that, Configure doesn't >> accept the fips and --with-fipsdir= arguments. But, the OpenSSl >> 1.0.1f and OpenSSL 0.9.8y accepts the same. >> >> Does that mean that the OpenSSL 1.0.0l wont support fips mode ? is >> the >> branch OpenSSL 1.0.0 still under fips validation ? > >The OpenSSL 1.0.0 branch never supported FIPS mode in official >releases. The descriptions of the OpenSSL FIPS security policy (e.g. section 4.2.3) hint to using the "regular" OpenSSL library version which can be compiled to use the fipsified OpenSSL version as a crypto-backend. IIRC this is what the above mentioned configure options hint to. Ciao Stephan ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [email protected]
