>Yes - I do expect you to be able to build just the validated source
independently of the rest of the tarball so that you could (for example)
run the
latest main OpenSSL version but with an older module.
Which means that this doesn't have to happen in the first release since there
>Integrity of validated source code when other parts of the tarball
get regular changes?
The design doc, just recently published, talks about this a bit. Not all
details are known yet.
>Building the validated source code in a controlled environment
separate from the full tar
anks,
Mark Ludwig
-Original Message-
From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of
Jakob Bohm via openssl-users
Sent: Thursday, February 14, 2019 10:34 AM
To: openssl-users@openssl.org
Subject: Re: [openssl-users] OpenSSL 3.0 and FIPS Update
On 13/02/2019 2
On 14/02/2019 16:34, Jakob Bohm via openssl-users wrote:
> On 13/02/2019 20:12, Matt Caswell wrote:
>>
>> On 13/02/2019 17:32, Jakob Bohm via openssl-users wrote:
>>> On 13/02/2019 12:26, Matt Caswell wrote:
Please see my blog post for an OpenSSL 3.0 and FIPS Update:
https://www.op
On 13/02/2019 20:12, Matt Caswell wrote:
On 13/02/2019 17:32, Jakob Bohm via openssl-users wrote:
On 13/02/2019 12:26, Matt Caswell wrote:
Please see my blog post for an OpenSSL 3.0 and FIPS Update:
https://www.openssl.org/blog/blog/2019/02/13/FIPS-update/
Matt
Given this announcement, a fe
On 13/02/2019 17:32, Jakob Bohm via openssl-users wrote:
> On 13/02/2019 12:26, Matt Caswell wrote:
>> Please see my blog post for an OpenSSL 3.0 and FIPS Update:
>>
>> https://www.openssl.org/blog/blog/2019/02/13/FIPS-update/
>>
>> Matt
>
> Given this announcement, a few questions arise:
>
> -
On 13/02/2019 12:26, Matt Caswell wrote:
Please see my blog post for an OpenSSL 3.0 and FIPS Update:
https://www.openssl.org/blog/blog/2019/02/13/FIPS-update/
Matt
Given this announcement, a few questions arise:
- How will a FIPS provider in the main tarball ensure compliance
with the stric
