Sent: Thursday, November 15, 2012 10:17 AM
To: openssl-users@openssl.org
Subject: RE: OpenSSL/FIPS Object Module and FIPS compliance - testing some
assertions
The term 'FIPS compliant' does not refer to the software capability, but to the
implementation used to perform the cryptographic
ect Module and FIPS compliance - testing some
assertions
We are starting our FIPS implementation soon (FIPS OM 2.0 and OpenSSL 1.0.1)
and I'd like to test out this set of assumptions (or maybe they are
'assertions')
- In the context of OpenSSL, FIPS compliance is al
On Tue, Nov 13, 2012 at 4:26 PM, mclellan, dave wrote:
> We are starting our FIPS implementation soon (FIPS OM 2.0 and OpenSSL 1.0.1)
> and I’d like to test out this set of assumptions (or maybe they are
> ‘assertions’)
>
> - In the context of OpenSSL, FIPS compliance is all about algorit
We are starting our FIPS implementation soon (FIPS OM 2.0 and OpenSSL 1.0.1)
and I'd like to test out this set of assumptions (or maybe they are
'assertions')
- In the context of OpenSSL, FIPS compliance is all about algorithm
choice. In FIPS mode (FIPS_mode_set() returns success),
On 11/14/2012 04:21 PM, mclellan, dave wrote:
> Thanks for that clarification. It's not so cut and dry, I see.
>
> About this: "... and don't even bother to build fipscanister.o"... Then on
> what grounds could they claim FIPS compliance?
There is a common confusion between "FIPS compliant"
@openssl.org
> Subject: Re: OpenSSL/FIPS Object Module and FIPS compliance - testing some
> assertions
>
> On Wed, Nov 14, 2012 at 3:25 PM, mclellan, dave wrote:
>> ...
>> We are starting our FIPS implementation soon (FIPS OM 2.0 and OpenSSL 1.0.1)
>> and I
lto:owner-openssl-us...@openssl.org]
On Behalf Of Jeffrey Walton
Sent: Wednesday, November 14, 2012 3:57 PM
To: openssl-users@openssl.org
Subject: Re: OpenSSL/FIPS Object Module and FIPS compliance - testing some
assertions
On Wed, Nov 14, 2012 at 3:25 PM, mclellan, dave wrote:
> ...
> We are starti
On Wed, Nov 14, 2012 at 3:25 PM, mclellan, dave wrote:
> ...
> We are starting our FIPS implementation soon (FIPS OM 2.0 and OpenSSL 1.0.1)
> and I’d like to test out this set of assumptions (or maybe they are
> ‘assertions’)
>
> - In the context of OpenSSL, FIPS compliance is all about a
[If this is posted a 2nd time, my apologies, I believe my subscription was
broken]
We are starting our FIPS implementation soon (FIPS OM 2.0 and OpenSSL 1.0.1)
and I'd like to test out this set of assumptions (or maybe they are
'assertions')
- In the context of OpenSSL, FIPS complian