On Wed, Apr 12, 2017 at 1:26 PM, Salz, Rich via openssl-dev <openssl-dev@openssl.org> wrote: >> Did the no-fips option get removed by-design? Are the no-* corollaries going >> to be dropped going forwards? > > Yes. All FIPS support was removed. It could be brought back, and made a > no-op, if that's a real issue.
It isn't a big problem here for me (default = no-fips, whether the /usr/local/openssl/fips/ tree was discovered or not.) It was future proofing a new schema before some existing fips binary might be detected on a build box inadvertently. But for consistency, permitting 'no-fips' for the lifespan of 1.0.2/1.1.0 seems prudent. No reason for it to survive on master. -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
