Re: Which PGP product for fips validation of the download?

[Lee Merrill]

Kyle Hamilton wrote: The FIPS version of OpenSSL has an external verification mechanism which does not require a PGP signature verification.  In the Security Policy, there are keyed HMACs ... Thanks for your reply, now this would be I think the second verification, after the verification of the PGP signature, and after talking with PGP salespeople, PGP Professional will do the PGP verification: http://www.pgp.com/products/packages/desktop_pro/index.html Though it does a lot more, but I only need the signature check. Regards, Lee -- "There is nothing remarkable about it. All one has to do is press the right keys at the right time and the computer programs itself." (ala J.S. Bach) Unless otherwise stated, any views presented in this e-mail are solely those of the author and do not necessarily represent those of the company. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]