Thank you for this answer, and by the way to all others who have answered, and thanks in advance to all who might still. I'm now getting a better picture from the variety of answers.
Apologies again for the repeated post (due to a problem with my subscription to openssl-users) +-+-+-+-+-+-+ Dave McLellan, Symmetrix Software Engineering EMC Corporation, 176 South St, Hopkinton MA Mail Stop 176-B1 1/P-36 office 508-249-1257, fax 508-497-8027 cell 978-500-2546 +-+-+-+-+-+-+ From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Erik Tkal Sent: Thursday, November 15, 2012 10:17 AM To: openssl-users@openssl.org Subject: RE: OpenSSL/FIPS Object Module and FIPS compliance - testing some assertions The term 'FIPS compliant' does not refer to the software capability, but to the implementation used to perform the cryptographic operations. If only one end of your connection is in FIPS mode then the full end to end path is not necessarily FIPS compliant. In fact, without some out-of-band mechanism there is no way to determine what implementation is being used on the other end since the wire protocol is the same. Otherwise the most you can say is that your end of the connection is FIPS compliant. You can still utilize FIPS approved algorithms without guaranteeing FIPS compliance. .................................... Erik Tkal Juniper OAC/UAC/Pulse Development From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of mclellan, dave Sent: Tuesday, November 13, 2012 4:26 PM To: openssl-users@openssl.org Subject: OpenSSL/FIPS Object Module and FIPS compliance - testing some assertions We are starting our FIPS implementation soon (FIPS OM 2.0 and OpenSSL 1.0.1) and I'd like to test out this set of assumptions (or maybe they are 'assertions') - In the context of OpenSSL, FIPS compliance is all about algorithm choice. In FIPS mode (FIPS_mode_set() returns success), weaker algorithms are disabled and OpenSSL returns an error if use of them is attempted in FIPS mode. - As long as one side of the connection insists that FIPS-approved algorithms be used, and as long as the other side is capable and agrees, then the two negotiate only a FIPS-approved algorithm. o Both sides might be implemented with OpenSSL, but only one of them has to be running in FIPS mode for the negotiation to choose a FIPS algorithm. o If one side is not implemented with OpenSSL, the same is still true: as long as it can negotiate a shared cipher with an process running in FIPS-mode, FIPS compliance is still achieved. - Technically the phrase 'FIPS compliant' refers to the software capability; it does not describe the quality of an end-to-end connection. That is, if a running program is 'FIPS-compliant' it will insure that a safe connection will be negotiated, where 'safe connection' means 'a connection using a FIPS-approved algorithm'. Having written these, they now seem like dumb questions, but I'd rather have affirmation of assertions and appear dumb than do the wrong thing based on a wrong assumption. Thanks for your advice (Steve...) +-+-+-+-+-+-+ Dave McLellan, Symmetrix Software Engineering EMC Corporation, 176 South St, Hopkinton MA Mail Stop 176-B1 1/P-36 office 508-249-1257, fax 508-497-8027 cell 978-500-2546 +-+-+-+-+-+-+