On Wed, Aug 19, 2009, Carlo Milono wrote:
>
>
> [] My Public Sector Customers seem happy with the functionality, though
> not without a shock: many of their certificates were signed with MD5 (and
> MD2) and our application now happily rejects them (and their CA was
> self-signed with MD5, so di
rators and it depends on the user to follow i.e. enforce no concurrent
> operators elsewhere?
> Thank you,
> -Pandit
>
> From: Kyle Hamilton
> To: openssl-users@openssl.org
> Sent: Wednesday, August 19, 2009 1:41:53 PM
> Subject: Re: Preve
nds on the user to follow i.e. enforce no concurrent operators
elsewhere?
Thank you,
-Pandit
From: Kyle Hamilton
To: openssl-users@openssl.org
Sent: Wednesday, August 19, 2009 1:41:53 PM
Subject: Re: Prevent concurrent operator in FIPS mode
The API does n
-Original Message-
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org]
On Behalf Of Kyle Hamilton
Sent: Wednesday, August 19, 2009 10:42 AM
To: openssl-users@openssl.org
Subject: Re: Prevent concurrent operator in FIPS mode
The API does not prevent concurrent
The API does not prevent concurrent operators. The guidance from the
CMVP is that an application (even if operated by a webserver on behalf
of someone else) is an operator for purposes of determining compliance
with that restriction.
Of course, the CMVP seems to want to reduce the functionality o
