OpenSSL - FIPS 140 Compliant

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

OpenSSL - FIPS 140 Compliant

Vikram Kamaraj - ERS, HCL Tech

Hello OpenSSL,

 

Which version of OpenSSL is FIPS 140 compliant?

 

Thanks,

Vikram K



::DISCLAIMER::
----------------------------------------------------------------------------------------------------------------------------------------------------

The contents of this e-mail and any attachment(s) are confidential and intended for the named recipient(s) only.
E-mail transmission is not guaranteed to be secure or error-free as information could be intercepted, corrupted,
lost, destroyed, arrive late or incomplete, or may contain viruses in transmission. The e mail and its contents
(with or without referred errors) shall therefore not attach any liability on the originator or HCL or its affiliates.
Views or opinions, if any, presented in this email are solely those of the author and may not necessarily reflect the
views or opinions of HCL or its affiliates. Any form of reproduction, dissemination, copying, disclosure, modification,
distribution and / or publication of this message without the prior written consent of authorized representative of
HCL is strictly prohibited. If you have received this email in error please delete it and notify the sender immediately.
Before opening any email and/or attachments, please check them for viruses and other defects.

----------------------------------------------------------------------------------------------------------------------------------------------------


--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Reply | Threaded
Open this post in threaded view
|

Re: OpenSSL - FIPS 140 Compliant

Steve Marquess-4
On 08/17/2016 09:10 AM, Vikram Kamaraj - ERS, HCL Tech wrote:
> Hello OpenSSL,
>
>  
>
> Which version of OpenSSL is FIPS 140 compliant?

None. A more useful question to ask is "for which versions of OpenSSL
are compatible FIPS modules available?". The answer to that is
1.0.1/1.0.2 with the OpenSSL FIPS Object Module 2.0, and (in a year or
two) OpenSSL 1.1 with a new FIPS module still to be developed and
validated (but in progress).

You may want to take a look at the OpenSSL FIPS module user guide:

  https://www-origin.openssl.org/docs/fips/UserGuide-2.0.pdf

The background discussion there will still be relevant for the new FIPS
module.

-Steve M.

--
Steve Marquess
OpenSSL Validation Services, Inc.
1829 Mount Ephraim Road
Adamstown, MD  21710
USA
+1 877 673 6775 s/b
+1 301 874 2571 direct
[hidden email]
gpg/pgp key: http://openssl.com/docs/0x6D1892F5.asc
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Reply | Threaded
Open this post in threaded view
|

Re: OpenSSL - FIPS 140 Compliant

Porter, Andrew
In reply to this post by Vikram Kamaraj - ERS, HCL Tech

Multiple versions of OpenSSL can, with an additional source package (the OpenSSL FIPS module) be built by you to be 140-2 compliant. See

 

http://openssl.com/fips/

 

for more info.

 

From: openssl-users [mailto:[hidden email]] On Behalf Of Vikram Kamaraj - ERS, HCL Tech
Sent: Wednesday, August 17, 2016 06:11
To: [hidden email]
Subject: [openssl-users] OpenSSL - FIPS 140 Compliant

 

Hello OpenSSL,

 

Which version of OpenSSL is FIPS 140 compliant?

 

Thanks,

Vikram K



::DISCLAIMER::
----------------------------------------------------------------------------------------------------------------------------------------------------

The contents of this e-mail and any attachment(s) are confidential and intended for the named recipient(s) only.
E-mail transmission is not guaranteed to be secure or error-free as information could be intercepted, corrupted,
lost, destroyed, arrive late or incomplete, or may contain viruses in transmission. The e mail and its contents
(with or without referred errors) shall therefore not attach any liability on the originator or HCL or its affiliates.
Views or opinions, if any, presented in this email are solely those of the author and may not necessarily reflect the
views or opinions of HCL or its affiliates. Any form of reproduction, dissemination, copying, disclosure, modification,
distribution and / or publication of this message without the prior written consent of authorized representative of
HCL is strictly prohibited. If you have received this email in error please delete it and notify the sender immediately.
Before opening any email and/or attachments, please check them for viruses and other defects.

----------------------------------------------------------------------------------------------------------------------------------------------------


--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users