OpenSSL *source* to get FIPS 140-2 Level 1 certification
Ben Laurie
ben at algroup.co.uk
Tue Sep 9 19:25:37 EDT 2003
Tolga Acar wrote:
> Well, that is sort of my point.
> SHA1 is not a signature algorithm, sha1-with-rsa is, and that RSA is not
> a certified algorithm in OpenSSL's FIPS 140 certification,
> sha1-with-rsa isn't, either.
> Perhaps, my understanding of the OpenSSL FIPS 140 certification is not
> entirely accurate.
My fault. RSA is not validated (there are no validation tests for it),
but it will be in the code we are submitting for certification.
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html http://www.thebunker.net/
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list