On Tuesday 27 June 2006 14:28, Stephen John Smoogen wrote: > I was wondering how the systems will implement encryption algorithms > for FIPS-140-1 compliance.
FIPS 140 and LSPP have nothing in common. LSPP does not require it. > Will they be shipping with openssl-fips-1.0.tar.gz and having that as the > library set compiled against.. or will there be a seperate binary/library > channel for these? I explained this on fedora-devel list a while back. openssl-fips-1.0.tar.gz cannot be shipped by us for several reasons. First, it contains patented algorithms which Red Hat objects to. This is documented in the README file inside the same tarball. Also, the FIPS 140 work was done on 0.9.7 and we are way past that somewhere in 0.9.8 series. The cert on 0.9.7 does not carry over to 0.9.8. A new cert must be done. -Steve -- redhat-lspp mailing list [email protected] https://www.redhat.com/mailman/listinfo/redhat-lspp
