On 12/03/2015 10:41 AM, R C Delgado wrote: > ... > > BTW, I had guessed why FIPS certification questions don't get answered: > it's all about funding, but thank you for explaining it in your email. >>>... FIPS validation business; it has gone > from economically marginal to unsustainable and as a result we'll > probably be shutting down the corporate entity that does the FIPS > validation work at the end of this year. I want to turn off the lights > while that business is still (barely) in the black... > > I think a formal statement should be posted on the OpenSSL website, so > that all (FIPS) users know the level of support to expect.
We already have, in the form of a blog entry: https://openssl.org/blog/blog/2015/09/29/fips/ That's still an accurate representation of the situation. We'll continue to try to do "change letter" updates for the existing 2.0 OpenSSL FIPS module for as long as that remains possible. The CMVP has recently introduced a number of new policies and practices with a possibly significant impact on existing validations; at this point I really don't know what the future holds. I'll blog again when I know the outcome of the X9.31 RNG transition issue. -Steve M. -- Steve Marquess OpenSSL Software Foundation 1829 Mount Ephraim Road Adamstown, MD 21710 USA +1 877 673 6775 s/b +1 301 874 2571 direct marqu...@openssl.com gpg/pgp key: http://openssl.com/docs/0x6D1892F5.asc _______________________________________________ openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
