I'm not seeing anything about openssl-fips-2.0.11 in http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140val-all.htm#1747 , so I'm not quite certain what its validation/certificate status is? Also, is a new Security Policy in the works integrating the new HMAC digests for the new versions of -fips and -fips-ecp?
(Also, would the mandatory HMAC calculation of the original tarball be okay if it were done using a FIPS-validated version of Mozilla's NSS?) -Kyle H -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
