On 02/28/2012 08:33 PM, Alex Chen wrote: > When can we expect the final release of OpenSSL 1.0.1?
Soon. From last week: "The third beta is now released. This is expected to be the final beta depending on the number of bugs reported." > Does FIPS 2.0 only work with OpenSSL 1.0.1 but not 1.0.0? The OpenSSL FIPS Object Module 2.0 (validation pending) is designed to work with OpenSSL 1.0.1 and greater, not 1.0.0. Note it's our intent to have both components of a "FIPS capable" OpenSSL -- the FIPS module plus the compatible OpenSSL -- available together. The formal validation of the FIPS module is waiting on the relevant government bureaucracy (the CMVP). GA for 1.0.1 is a function of how many more bug reports the third beta release generates. Neither schedule can be estimated with certainty but personally I'm hoping for a week or two, less than a month. > There is a > document, > http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140InProcess.pdf, > of pending FIPS certificate and OpenSSL object module is there. > Is that for FIPS 2.0? When was it filed and is there an expected > approval date? Yes, you're seeing the entry for the OpenSSL FIPS Object Module 2.0 which is in "In Review" status. This validation effort has been underway since early January 2011, and the formal test report submission was December 23. Guessing the CMVP response time is a fun spectator sport. Historically their response time has been many months (as long as 13 months from painful 7personal experience). But, based on feedback from multiple sources it appears that the CMVP backlog is at an all time low now of only a couple of months, which if true and not just wishful thinking will mean we should expect the formal validation award Real Soon Now. -Steve M. -- Steve Marquess OpenSSL Software Foundation, Inc. 1829 Mount Ephraim Road Adamstown, MD 21710 USA +1 877 673 6775 s/b +1 301 874 2571 direct marqu...@opensslfoundation.net ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
