end users. Make it easy to build a FIPS compliant
httpd without patches and help put consultants like me out of business :-)
-Steve M.
--
Steve Marquess
OpenSSL Software Foundation, Inc.
1829 Mount Ephraim Road
Adamstown, MD 21710
USA
+1 877 673 6775 s/b
+1 301 874 2571 direct
marqu
: when you don't do all your
cryptography via a specific crypto library (OpenSSL, NSS, etc.) then
FIPS 140-2 compliance goes from trivial (for 2.4) to messy. Not
generally a problem outside of the U.S., but it very much matters
anywhere in the U.S. government market.
-Steve M.
--
Steve Marquess
for out-of-band responder keys. As it is
I've had to hack in a fix to ignore the expired self-signed cert.
-Steve M.
--
Steve Marquess
OpenSSL Software Foundation, Inc.
1829 Mount Ephraim Road
Adamstown, MD 21710
USA
+1 877-673-6775
marqu...@opensslfoundation.com
but nothing solid yet, but I'm confident it will happen
eventually. In the meantime, dropping support for 0.9.8 will force many
government sector Apache users elsewhere.
-Steve M.
--
Steve Marquess
OpenSSL Software Foundation, Inc.
1829 Mount Ephraim Road
Adamstown, MD 21710
USA
+1 877-673
is the one that is
referenced the most.
-Steve M.
--
Steve Marquess
Veridical Systems, Inc.
1829 Mount Ephraim Road
Adamstown, MD 21710
301-524-9915 cell
301-831-8447 land/fax
[EMAIL PROTECTED]
? There will be some overlap with
OCSP responder query code.
If anyone has insights to offer or would like to collaborate please sing
out. There should be a patch in about a week for bug tracker comments.
Thanks,
-Steve M.
--
Steve Marquess
Open Source Software institute
[EMAIL PROTECTED]