This is the promised update to my message of February 4. As before, if you don't know what FIPS 140-2 is then ignore this and count yourself lucky.
Effective Jan 1 some new FIPS 140-2 validation requirements were introduced that failed to take into consideration the impact on "change letter" updates to existing validations. As a consequence we have been unable to proceed with the addition of platforms to the #1747 validation, aka the OpenSSL FIPS Object Module 2.0. I am pleased to report that after three months the CMVP has finally issued the guidance that allows us to proceed with change letter updates to the #1747 validation. We currently have eleven platforms in-house and are working the formal testing process for those as expeditiously as possible. Those will appear as revision 2.0.7. On January 20 we submitted the formal paperwork for approval of revision 2.0.6 to the OpenSSL FIPS Object Module 2.0 to completely remove the Dual EC DRBG implementation. I am informed that submission is under review but have no idea if or when approval can be expected, so the revision 2.0.7 testing is proceeding with the Dual EC DRBG code in place. -Steve M. -- Steve Marquess OpenSSL Software Foundation, Inc. 1829 Mount Ephraim Road Adamstown, MD 21710 USA +1 877 673 6775 s/b +1 301 874 2571 direct marqu...@opensslfoundation.com marqu...@openssl.com gpg/pgp key: http://openssl.com/docs/0xCE69424E.asc ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
