Questions regarding OpenSSL 3.0 and corresponding FIPS Module

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Questions regarding OpenSSL 3.0 and corresponding FIPS Module

Jason Schultz
I read the most recent (10/20) update to the OpenSSL 3.0 release page here:



I have not done anything with the Alpha releases so far, but I noticed the note "Basic functionality plus basic FIPS module".

Does this mean that there is a FIPS module available to test with in the alpha(and presumably beta) releases?

If the answer to that question is "yes", I'm assuming that the validation of that FIPS Module can't/won't start until after the Final OpenSSL 3.0 release. The timeframe for that validation is TBD, as it always varies.

The Final 3.0 release is currently behind schedule as it was estimated "early Q4 2020". Any ideas on how much behind that release is?

Thanks in advance for any information.

Reply | Threaded
Open this post in threaded view
|

Re: Questions regarding OpenSSL 3.0 and corresponding FIPS Module

Matt Caswell-2


On 05/11/2020 16:54, Jason Schultz wrote:

> I read the most recent (10/20) update to the OpenSSL 3.0 release page here:
>
> https://www.openssl.org/blog/blog/2020/10/20/OpenSSL3.0Alpha7/
>
> As well as the release
> strategy: https://wiki.openssl.org/index.php?title=OpenSSL_3.0_Release_Schedule&oldid=3099
>
> I have not done anything with the Alpha releases so far, but I noticed
> the note "Basic functionality plus basic FIPS module".
>
> Does this mean that there is a FIPS module available to test with in the
> alpha(and presumably beta) releases?

Yes.

>
> If the answer to that question is "yes", I'm assuming that the
> validation of that FIPS Module can't/won't start until after the Final
> OpenSSL 3.0 release. The timeframe for that validation is TBD, as it
> always varies.

Also yes.

>
> The Final 3.0 release is currently behind schedule as it was estimated
> "early Q4 2020". Any ideas on how much behind that release is?

That is still the latest "official" time, but clearly that cannot be
achieved now given that we were supposed to have a beta in September in
that timeline. We still have quite a bit of work to do to get to a beta
release (https://github.com/openssl/openssl/milestone/17). The best I
can offer is that the final release will be "sometime in the New Year".

Matt