At long last we are approaching an important milestone for the FIPS 140-2 validation of the OpenSSL FIPS Object Module v2.0. Following delays required to implement some additional cryptography requested by our major sponsors, and to obtain a full set of usable CAVS test vectors, we are now ready to release a software distribution to the accredited testing laboratory for formal review and operational testing.
Once that formal test process has begun the introduction of subsequent source code changes will generally not be feasible, so the source code is effectively "frozen". There is a separate process for retroactively modifying an existing validated module, for certain classes of changes such as platform portability, but that process involves additional expense and will be handled independently of the original validation. We plan to "freeze" the OpenSSL FIPS Object Module v2.0 baseline on 2011-10-19 1000 UDT, at which point the candidate source distribution tarball will appear as openssl-fips-2.0-rc1.tar.gz in the http://www.openssl.org/source/ directory. All interested parties are encouraged to test recent snapshots (ftp://ftp.openssl.org/snapshot/openssl-fips-2.0-test-20111013.tar.gz and later) on their platforms of interest, and report any problems to us. Build and test instructions are given in the ./README.FIPS file. -Steve M. -- Steve Marquess OpenSSL Software Foundation, Inc. 1829 Mount Ephraim Road Adamstown, MD 21710 USA +1 877-673-6775 marqu...@opensslfoundation.com ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
