Hello, I have two questions regarding support for FIPS in 3.0. We're currently working on early planning for our migration to OpenSSL 3.0 and we're trying to size the effort for our team. We're also beginning to put together contingency plans in the event that dates on either side change dramatically. I suspect I already know the answers to these questions, but I wanted to ask just to be sure so that we plan correctly.
Over the years we have had requirements to include additional functionality within our FIPS boundary beyond what was in the OpenSSL based FOM. We would start with the existing OpenSSL FOM, add in the additional functionality, and then go through a full validation with the test lab on this slightly modified FOM. We had the impression that there are other groups that do the same. An example of additional functionality, especially for the 3.0 FOM, might be something like the SSH KDF. If this KDF were to not be included in the 3.0 FOM and we needed a FIPS validated version of it in our solutions, we would need to move this into the FIPS provider and then take this altered FOM through a complete FIPS validation. If however, we were to create a 3rd party provider that only contains this supplemental FIPS functionality, we could go through an abbreviated FIPS validation of just that functionality and then have both the OpenSSL 3.0 FOM and this supplemental FOM active at the same time in our solution. So the question is, will the OpenSSL 3.0 design allow for more than one active FIPS provider? I've made a pass through the 3.0 design specification looking specifically at FIPS provider related content but did not see an explicit statement that there can only be one FIPS provider, although, I suspect this is the case and wanted to confirm this. If it's at all possible to have two active FIPS provider, it could make subsequent FIPS validations simpler. On the other hand, am I completely missing some fundamental aspect of FIPS provider functionality in 3.0 and this need to add additional support into the FOM will not be as involved as it used to be? The second question is somewhat related. Has there been a decision yet whether the FOM 3.0 will go through a 140-2 or a 140-3 validation? Thanks, Pete
