On Sun, Jan 29, 2006, Kyle Hamilton wrote: > 0.9.7h is FIPS certified, as long as you build with unmodified sources > (and this is checked with an SHA check on the sources in question). >
Err no IT IS NOT. The version submitted for validation included various changes to sequestered code (the stuff under fips/). No released version of OpenSSL currently includes these changes. The current 0.9.7-stable snapshot sequestered code matches the submitted version. 0.9.7j (not yet released) and later releases will also match it. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [email protected] Automated List Manager [EMAIL PROTECTED]
