> * charles.mcdev...@emc.com (charles.mcdev...@emc.com) wrote: > > Don't forget that OpenSSL has a FIPS-140 compliant version, and FIPS-140 > compliance is essential to many Federal users. > > Essential? That's a bit much. Yes, it shows up on a FISMA review as an > open action item, but it's a risk that can both be accepted and > mitigated. I also thought FIPS-140 version required API changes.. > > > GnuTLS doesn't qualify. > > That should be "doesn't currently".. >
Doesn't currently? Does that mean you know of a project to get FIPS certification for it? I don't. The current OpenSSL has a version that is (the only source-code-level FIPS-140 certification ever). And yes, it is API compatible with the non-FIPS one. It just doesn't support some of the algorithms that the other does. The GNU people will never be 100% satisfied by anything you do to psql, other than making it GPL. Readline is specifically licensed in a way to try to force this (but many disagree with their ability to force this). -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
