On Tue, Nov 01, 2011, William A. Rowe Jr. wrote: > On 11/1/2011 8:35 PM, Bin Lu wrote: > > > > Do you have an answer for my question below? Is the fips-2.0-test code > > branched off from a > > FIPS-capable version? Which version is it based on if yes? > > AIUI, fipscanister doesn't include TLS 1.2. Nor 1.0, nor SSLv3 or v2. > > That's the beauty of proper delineation. >
Yes, the FIPS module only contains cryptographic algorithms. Protocols are handled by the FIPS capable OpenSSL and out of scope for the validation. The 2.0 validation does include AES-GCM though which is used in TLS 1.2. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org