I've gone through the FIPS User Guide and have built OpenSSL 1.0.1c with the FIPS module 2.0.2. From a practical perspective I'm trying to sort out in my mind the following:
- What is functionally different between the standard OpenSSL and OpenSSL compiled with FIPS and _not_ in FIPS mode (i.e. FIPS_mode_set(1) _not_ called)? - Why isn't the FIPS module simply built right into OpenSSL and for those who don't want to run in FIPS mode they simply don't call FIPS_mode_set(1)? Thanks, LM ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org