On Wed, Dec 17, 2008 at 11:20:08AM -0500, Steve Marquess wrote:
> However in practice most OpenSSL based applications will require some
> source code tweaks to run with FIPS mode enabled and claim compliance
> with the validation requirements. So far (to my knowledge) only Stunnel
> supports a FIPS mode off the shelf, though patches for mod_ssl and
> OpenSSH are in circulation. It's my hope that in time such support will
> be widespread and the global openssl_conf FIPS switch will be usable.
Can you elaborate on what these "tweaks" may be? I'll certainly consider
facilitating a site selected FIPS mode in Postfix, if this is not
disruptive to non-FIPS users.
--
Viktor.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
