Just to verify, heart bleed doesn't look like it effects the fipscanister.
I can just recompile openssl 1.0.1c with the no heart beat option and my
current canister and still retain FIPS certification.
mobile command center.
On Apr 10, 2014, at 5:54 AM, Jason Todd ja...@bluntstick.com wrote:
Just to verify, heart bleed doesn't look like it effects the
fipscanister. I can just recompile openssl 1.0.1c with the no heart beat
option and my current canister and still retain FIPS certification
Found my own answer on an earlier thread. You need the option -Wl,-Bsymbolic
to link a shared libary (that has static linked ssl-fips) correctly
On Mon, Sep 10, 2012 at 5:43 PM, Jason Todd ja...@bluntstick.com wrote:
So I can build a fips compliant executable and turn fips on/off
I just would like to verify this is correct. I've been digging through the
manuals but it would nice to just have a verification.
1) I plan to build a build environment (for Linux and Windows) that matches
what is specified in the 140sp1747.pdf and build the fipscanister
2) Then build
I understand that its not validated. But if I understand correctly, I can
claim vendor affirmed if I can build it with no modifications (and at
least the canister builds with no modifications). Is this correct?
was assuming that this somehow magically made me the vendor as well. But
I can assert user affirmation for OSX?
On Thu, Aug 30, 2012 at 4:02 PM, Steve Marquess
marqu...@opensslfoundation.com wrote:
On 08/30/2012 02:02 PM, Jason Todd wrote:
I understand that its not validated. But if I understand
, 2012 at 4:20 PM, Jason Todd ja...@bluntstick.com wrote:
I'm sorry, I misread one of your earlier messages on the subject:
Normally recompilation would only be done by the
vendor of record (OSF for this validation), but for the OpenSSL FIPS
Object Module series of validations compilation from