[14030] in cryptography@c2.net mail archive
Re: OpenSSL *source* to get FIPS 140-2 Level 1 certification
daemon@ATHENA.MIT.EDU (Anton Stiglic)
Fri Sep 5 16:24:22 2003
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
From: "Anton Stiglic" <astiglic@okiok.com>
To: "Joshua Hill" <josh-crypto@untruth.org>,
"Rich Salz" <rsalz@datapower.com>
Cc: <cryptography@metzdowd.com>
Date: Fri, 5 Sep 2003 16:15:22 -0400
> On Fri, Sep 05, 2003 at 01:32:21PM -0400, Anton Stiglic wrote:
> > If I'm not mistaken, this would be the first free,
> > open-source, crypto library that has FIPS 140 module certification!
>
> I believe that this is incorrect.
>
> The two open-source projects that I'm aware of that have FIPS 140 certs
> are The Crypto++ Library, (cert 343, issued today) and The Mozilla
> project's NSS, which was certified by SUN under FIPS 140-1, levels 1
> and 2. (certs 247 and 248).
You are correct, I just saw Crypto++ in the list of FIPS 140 validated
modules:
http://csrc.nist.gov/cryptval/140-1/140val-all.htm
It is the latest entry, added today.
Congratulations to Wei Dai!
I was not aware of NSS before, their might be others as well which I
am not aware of then.
OpenSSL`s *source code* being evaluated remains exiting.
Thanks for the information Joshua and Rich!
--Anton
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
