I'm sorry, I misread one of your earlier messages on the subject: "Normally recompilation would only be done by the vendor of record (OSF for this validation), but for the OpenSSL FIPS Object Module series of validations compilation from source is part of the module installation process. "
I was assuming that this somehow magically made me the vendor as well. But I can assert "user affirmation" for OSX? On Thu, Aug 30, 2012 at 4:02 PM, Steve Marquess < marqu...@opensslfoundation.com> wrote: > On 08/30/2012 02:02 PM, Jason Todd wrote: > > I understand that its not validated. But if I understand correctly, I > > can claim "vendor affirmed" if I can build it with no modifications (and > > at least the canister builds with no modifications). Is this correct? > > Only if you are the vendor. In the case of validation #1747 the vendor > is the OpenSSL Software Foundation. > > You are thinking of "user affirmation" (I.G. G.5): > > http://csrc.nist.gov/groups/STM/cmvp/documents/fips140-2/FIPS1402IG.pdf > > -Steve M. > > -- > Steve Marquess > OpenSSL Software Foundation, Inc. > 1829 Mount Ephraim Road > Adamstown, MD 21710 > USA > +1 877 673 6775 s/b > +1 301 874 2571 direct > marqu...@opensslfoundation.com > marqu...@openssl.com > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager majord...@openssl.org >
