Re: OpenSSL FIPS Object Module v1.2

2012-03-09 Thread Ashit Vora
Thanks Steve. I will look out for the update on the CMVP webpage.

-Ashit

On Fri, Mar 9, 2012 at 1:12 PM, Steve Marquess < marqu...@opensslfoundation.com> wrote:
> On 03/09/2012 11:18 AM, Ashit Vora wrote:
> > Steve,
> >
> > Please see response from Randy (CMVP Director) below. It clearly
> > ind

Re: OpenSSL FIPS Object Module v1.2

2012-03-09 Thread Steve Marquess
On 03/09/2012 11:18 AM, Ashit Vora wrote:
> Steve,
>
> Please see response from Randy (CMVP Director) below. It clearly
> indicates older versions (including v1.2) are no longer considered
> validated since they are not listed on the website:

Randy is the man, so I stand corrected. A huge number

Re: OpenSSL FIPS Object Module v1.2

2012-03-09 Thread Ashit Vora
Steve,

Please see response from Randy (CMVP Director) below. It clearly indicates older versions (including v1.2) are no longer considered validated since they are not listed on the website:

*"Ashit,

You can always view the change history by downloading the CMVP Validation DB from: http://csrc.n

Re: OpenSSL FIPS Object Module v1.2

2012-03-09 Thread Steve Marquess
On 03/08/2012 08:49 PM, Ashit Vora wrote:
> Steve,
>
> First let me clarify that it isn't my intent to challenge OpenSSL
> validation. In fact the reason I started down this path is because I
> have a product that uses v1.2 and needs to claim FIPS compliance. I
> cannot legitimately make that clai

Re: OpenSSL FIPS Object Module v1.2

2012-03-08 Thread Ashit Vora
Steve,

First let me clarify that it isn't my intent to challenge OpenSSL validation. In fact the reason I started down this path is because I have a product that uses v1.2 and needs to claim FIPS compliance. I cannot legitimately make that claim if v1.2 is not listed. However I have sent a query

Re: OpenSSL FIPS Object Module v1.2

2012-03-08 Thread Steve Marquess
On 03/08/2012 06:09 PM, Ashit Vora wrote:
> Regarding the certificate, it will never be updated. Whenever the CMVP
> updates a listing because of a change letter process (IG G.5 scenario 1)
> they only update the website listing. They never update the certificate.
> The understanding is that the we

Re: OpenSSL FIPS Object Module v1.2

2012-03-08 Thread Ashit Vora
Regarding the certificate, it will never be updated. Whenever the CMVP updates a listing because of a change letter process (IG G.5 scenario 1) they only update the website listing. They never update the certificate. The understanding is that the website listing supersedes the certificate. Please s

Re: OpenSSL FIPS Object Module v1.2

2012-03-08 Thread Steve Marquess
On 03/08/2012 05:12 PM, Steve Marquess wrote:
> On 03/08/2012 04:05 PM, Ashit Vora wrote:
>> Thanks Steve. This makes sense (i.e. newer versions subsuming older
>> versions).
>>
>> However given that 1.2 is no longer listed on the NIST website, that
>> version can no longer be considered FIPS valid

Re: OpenSSL FIPS Object Module v1.2

2012-03-08 Thread Steve Marquess
On 03/08/2012 04:05 PM, Ashit Vora wrote:
> Thanks Steve. This makes sense (i.e. newer versions subsuming older
> versions).
>
> However given that 1.2 is no longer listed on the NIST website, that
> version can no longer be considered FIPS validated. This is an issue for
> deployed products that

Re: OpenSSL FIPS Object Module v1.2

2012-03-08 Thread Ashit Vora
Thanks Steve. This makes sense (i.e. newer versions subsuming older versions).

However given that 1.2 is no longer listed on the NIST website, that version can no longer be considered FIPS validated. This is an issue for deployed products that have depended on v1.2 for FIPS compliance.

-Ashit

On

Re: OpenSSL FIPS Object Module v1.2

2012-03-08 Thread Steve Marquess
On 03/08/2012 01:43 PM, Ashit Vora wrote:
> Hello,
>
> I searched the archives but did not find the answer to this question.
>
> What is the reason OpenSSL FIPS Object Module v1.2 is no longer listed
> as FIPS validated? It seems only v1.2.3 is now listed:

That's because the original validation

Re: OpenSSL FIPS Object Module v1.2

2007-11-30 Thread Steve Marquess
Brendan Simon wrote:
Where can I find information about OpenSSL FIPS Object Module v1.2 ??? Where can this be downloaded from? CVS only? Or are there tarballs somewhere?

CVS only, OpenSSL-fips-0_9_8-stable branch. I'm not releasing the draft Security Policy yet because it has not been r

Re: OpenSSL FIPS Object Module v1.2

2007-11-29 Thread Brendan Simon
It should be public, and probably must be public, given it is supposed to be true open-source, etc. Everyone should be able to do test builds (on all types of architectures and variants etc) to iron out bugs, etc, before being submitted for validation. I'd be very surprised if it wasn't avail

Re: OpenSSL FIPS Object Module v1.2

2007-11-29 Thread Steve Marquess
Kyle Hamilton wrote:
> The FIPS validation process is... odd. And not at all conducive to the
> open-source development model.
>

There is a certain dissonance, for sure :-)

> There is no available OpenSSL FIPS Object Module v1.2.

Well, yes and no. Check out the OpenSSL-fips-0_9_8-stable branch

Re: OpenSSL FIPS Object Module v1.2

2007-11-29 Thread Kyle Hamilton
The FIPS validation process is... odd. And not at all conducive to the open-source development model.

There is no available OpenSSL FIPS Object Module v1.2. Until it passes validation, anyway, at which point the openssl-fips-1.2.0.tar.gz file will be made available. I don't think the source is