> This among other things requires the application to enable FIPS > mode which a > typical application will not do. One of several effects of > entering FIPS mode > is to disable the use of non-FIPS algorithms: this may cause > problems where > the application expectes to use such algorithms and cannot > gracefully handle > errors.
Also worth mentioning is that application must not use its own implementations of crypto algorithms. You'd be surprised how many applications have an MD5 algorithm squirreled away inside them that they use for all kinds of little things. DS ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]