[14539] in cryptography@c2.net mail archive
Re: Other OpenSSL-based crypto modules FIPS 140 validated?
daemon@ATHENA.MIT.EDU (Nathan P. Bardsley)
Mon Oct 6 17:48:59 2003
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
Date: Mon, 06 Oct 2003 13:49:24 -0700
To: Ronald Perez <ronpz@us.ibm.com>, cryptography@metzdowd.com
From: "Nathan P. Bardsley" <nathan@player.org>
In-Reply-To: <OF3B2D2448.2758E6A9-ON85256DB7.006B7B31-85256DB7.006BDD56@
us.ibm.com>
Anecdotally, I've heard that there are many, but almost all of them were
done by vendors for embedding in their proprietary products.
At 12:38 PM 10/6/2003, Ronald Perez wrote:
>While at the NIST FIPS 140 site earlier today (looking for that mysterious
>nCipher certificate), I noticed that certificate #350 was issued last
>Friday -- for "IBM Crypto for C (ICC)".
>
>I think that the interesting thing about this crypto [SW] module and cert
>is that it's based on OpenSSL. I know we've discussed the [forthcoming]
>validation of OpenSSL itself, and we know about the Crypto++ and
>Netscape/Sun/Mozilla open source crypto modules, but my question now is,
>are there any other "OpenSSL-based" FIPS 140 validated crypto modules, or
>is this the first?
>
>-Ron
>
>Disclaimer: although I'm employed by IBM, I had nothing to with this
>validation or with ICC (it's a big place)
>
>---------------------------------------------------------------------
>The Cryptography Mailing List
>Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
