On 04/08/2016 17:53, Thomas Francis, Jr. wrote:
...
I really should point out three things, though:
1) FIPS 140 compliance (from any software package) is always less secure than
non-FIPS 140 compliant packages. By its nature, the validation process places
software several months to years out
> On Aug 4, 2016, at 11:00 AM, o haya wrote:
>
> Hi,
>
> I've been tasked to look into FIPS 140-2 "compliance" for our systems,
> overall, and I know that there's a "FIPS 140-2 module" for OpenSSL, that
> needs to be built from source and then integrated into OpenSSL by building
> OpenSSL wi
On 08/04/2016 11:00 AM, o haya wrote:
> Hi,
>
> I've been tasked to look into FIPS 140-2 "compliance" for our
> systems, overall, and I know that there's a "FIPS 140-2 module" for
> OpenSSL, that needs to be built from source and then integrated into
> OpenSSL by building OpenSSL with the FIPS mod
Hi,
I've been tasked to look into FIPS 140-2 "compliance" for our systems, overall,
and I know that there's a "FIPS 140-2 module" for OpenSSL, that needs to be
built from source and then integrated into OpenSSL by building OpenSSL with the
FIPS module.
The User guide goes into how to integrate
