[openssl-commits] [web] beta update
Rich Salz
rsalz at openssl.org
Tue Dec 12 17:42:09 UTC 2017
The branch beta has been updated
discards e43f369b194c52ec3c39f9f29100f3f224215e1a (commit)
discards bd4dc221678afb84d3db99c9ce9e7004b8542a23 (commit)
discards d11a31a06a2cafdabcefac864c7059e2250371b1 (commit)
via ffdf873915014cd2af0a67984afc6f975eb29c7a (commit)
via 7f81cbc2d8e72cd13f56ffe707a668e77ddacc68 (commit)
via 587b39042d0e9bc3e7adb4d466b866ea9a7636f2 (commit)
via 389c6958d4cf8a7af8021c1f3024571531f6a4d2 (commit)
via 1b65e51e555a23b7304ef922afef2ed9e4602649 (commit)
via efdccc8d21c173fed82081254bb1b967e2fb8895 (commit)
This update added new revisions after undoing existing revisions. That is
to say, the old revision is not a strict subset of the new revision. This
situation occurs when you --force push a change and generate a repository
containing something like this:
* -- * -- B -- O -- O -- O (e43f369b194c52ec3c39f9f29100f3f224215e1a)
\
N -- N -- N (ffdf873915014cd2af0a67984afc6f975eb29c7a)
When this happens we assume that you've already had alert emails for all
of the O revisions, and so we here report only the revisions in the N
branch from the common base, B.
- Log -----------------------------------------------------------------
commit ffdf873915014cd2af0a67984afc6f975eb29c7a
Author: Rich Salz <rsalz at akamai.com>
Date: Mon Dec 11 12:30:32 2017 -0500
Phase 2, policies->project
commit 7f81cbc2d8e72cd13f56ffe707a668e77ddacc68
Author: Rich Salz <rsalz at akamai.com>
Date: Mon Dec 11 12:27:36 2017 -0500
Move some policies files to governance
Also phase one of naming policies->project
commit 587b39042d0e9bc3e7adb4d466b866ea9a7636f2
Author: Rich Salz <rsalz at akamai.com>
Date: Mon Dec 11 12:18:10 2017 -0500
Remove old roadmap
-----------------------------------------------------------------------
Summary of changes:
docs/fips.html | 76 +++++++++++++++++++++-----------
docs/fipsnotes.html | 70 ------------------------------
docs/fipsvalidation.html | 98 ------------------------------------------
img/DHS-logo-med.jpg | Bin 5469 -> 0 bytes
img/cerberus-logo-med.jpg | Bin 3731 -> 0 bytes
img/citrix-logo-med.jpg | Bin 4358 -> 0 bytes
img/innominate-logo-med.jpg | Bin 4082 -> 0 bytes
img/opengear-logo-med.jpg | Bin 40012 -> 0 bytes
img/pkware-logo-med.jpg | Bin 47611 -> 0 bytes
img/psw-logo-med.jpg | Bin 11869 -> 0 bytes
img/psw-logo.gif | Bin 977 -> 0 bytes
img/quintessence-logo-med.jpg | Bin 3961 -> 0 bytes
img/symantec-logo-large.jpg | Bin 28928 -> 0 bytes
img/unionpay.jpg | Bin 2103 -> 0 bytes
14 files changed, 50 insertions(+), 194 deletions(-)
delete mode 100644 docs/fipsnotes.html
delete mode 100644 docs/fipsvalidation.html
delete mode 100644 img/DHS-logo-med.jpg
delete mode 100644 img/cerberus-logo-med.jpg
delete mode 100644 img/citrix-logo-med.jpg
delete mode 100644 img/innominate-logo-med.jpg
delete mode 100644 img/opengear-logo-med.jpg
delete mode 100644 img/pkware-logo-med.jpg
delete mode 100644 img/psw-logo-med.jpg
delete mode 100644 img/psw-logo.gif
delete mode 100644 img/quintessence-logo-med.jpg
delete mode 100644 img/symantec-logo-large.jpg
delete mode 100644 img/unionpay.jpg
diff --git a/docs/fips.html b/docs/fips.html
index ffef801..8c67a04 100644
--- a/docs/fips.html
+++ b/docs/fips.html
@@ -10,40 +10,34 @@
<header><h2>FIPS-140</h2></header>
<div class="entry-content">
- <p>
- For a basic introduction and some general
- background see <a
- href="fipsnotes.html">Important Notes About OpenSSL and FIPS 140-2</a>.
- For information about sponsorship and support, see
- <a href="fipsvalidation.html">OpenSSL and FIPS 140-2</a>.
- </p>
-
+ <p>For a basic introduction,
+ <a href="#background">see below</a>. Thanks to multiple platform
+ sponsorships, the 2.0 validations include the largest number of
+ formally tested platforms for any validated module.</p>
<p>The most recent open source based validation of a cryptographic
- module (Module) compatible with the OpenSSL 1.0.1 and 1.0.2 libraries is v2.0.16,
- FIPS 140-2 certificate <a
+ module (Module) compatible with the OpenSSL 1.0.1 and 1.0.2
+ libraries is v2.0.16, FIPS 140-2 certificate <a
href="http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140val-all.htm#1747">#1747</a>.
- For convoluted bureaucratic reasons the same module is also available under the validations
- <a
+ This Module is documented in the
+ <a href="fips/UserGuide-2.0.pdf">2.0 User Guide</a>;
+ the <a href="/source/openssl-fips-2.0.16.tar.gz">source code</a>,
+ and <a href="fips/SecurityPolicy-2.0.16.pdf">Security Policy</a>
+ are also available.
+
+ <p>
+ For convoluted bureaucratic reasons, the same module is also
+ available under the validations <a
href="http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140val-all.htm#2398">#2398</a>
- (revision 2.0.16) and
- <a
+ (revision 2.0.16) and <a
href="http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140val-all.htm#2473">#2473</a>
(revision 2.0.10).
- This Module is documented in the
- <a href="fips/UserGuide-2.0.pdf">2.0 User Guide</a>.
</p>
- <p>Thanks to multiple platform sponsorships the 2.0 validations
- include the largest number of formally tested platforms for any
- validated module.</p>
-
- The <a href="/source/openssl-fips-2.0.16.tar.gz">source code</a>,
- <a href="fips/UserGuide-2.0.pdf">User Guide</a>, and
- <a href="fips/SecurityPolicy-2.0.16.pdf">Security Policy</a>
- are available.
- Here is the complete set of files:</p>
-
+ <p>
+ Here is the complete set of files. Note that if you are interested
+ in the "1747" validation, you only need the three files mentioned
+ above.</p>
<table>
<tr>
@@ -55,6 +49,36 @@
</table>
<p> </p>
+ <h3><a name="background">Background</a></h3>
+
+ <p>Please please read the <a
+ href="fips/UserGuide.pdf">User Guide</a>.</p>
+
+ <ul>
+
+ <li>OpenSSL itself is not validated. Instead a special
+ carefully defined software component called the OpenSSL FIPS
+ Object Module has been created. This Module was designed for
+ compatibility with OpenSSL so that products using the OpenSSL
+ API can be converted to use validated cryptography with minimal
+ effort.</li>
+
+ <li>The OpenSSL FIPS Object Module validation is "delivered" in
+ source code form, meaning that if you can use it exactly as is
+ and can build it (according to the very specific documented
+ instructions) for your platform, then you can use it as
+ validated cryptography on a "vendor affirmed" basis.</li>
+
+ <li>If even the tiniest source code or build process changes are
+ required for your intended application, you cannot use the open
+ source based validated module directly. You must obtain your
+ own validation.</li>
+
+ <li>None of the validations will work with OpenSSL 1.1.0 or
+ later.</li>
+
+ </ul>
+
</div>
<footer>
You are here: <a href="/">Home</a>
diff --git a/docs/fipsnotes.html b/docs/fipsnotes.html
deleted file mode 100644
index 7f689fd..0000000
--- a/docs/fipsnotes.html
+++ /dev/null
@@ -1,70 +0,0 @@
-<!DOCTYPE html>
-<html lang="en">
-<!--#include virtual="/inc/head.shtml" -->
-<body>
- <!--#include virtual="/inc/banner.shtml" -->
- <div id="main">
- <div id="content">
- <div class="blog-index">
- <article>
- <header><h2>Important Notes about OpenSSL and FIPS 140</h2></header>
- <div class="entry-content">
- <p>Please please read the <a href="fips/UserGuide.pdf">User Guide</a>.</p>
-
- <h3>FIPS What? Where Do I Start?</h3>
-
- <ul>
-
- <li>OpenSSL itself is not validated. Instead
- a special carefully defined software component called the
- OpenSSL FIPS Object Module has been created. This Module was
- designed for compatibility with OpenSSL so that products using
- the OpenSSL API can be converted to use validated cryptography
- with minimal effort.</li>
-
- <li>The OpenSSL FIPS Object Module validation
- is "delivered" in source code form, meaning that if you can use it
- exactly as is and can build it (according to the very specific documented
- instructions) for your platform, then you can use it as
- validated cryptography on a "vendor affirmed" basis.</li>
-
- <li>If even the tiniest source code or build process changes are
- required for your intended application, you cannot use the open
- source based validated module directly. You must obtain your
- own validation.</li>
-
- </ul>
-
- <p>Note that FIPS 140-2 validation is a complicated topic that the
- above summary does not adequately address. You have been
- warned!</p>
-
- <h3>Current Validations</h3>
-
- <p> The most recent open source based validation is the FIPS 140-2
- certificate <a
- href="http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140val-all.htm#1747">#1747</a>.
- You will need the <a
- href="http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140sp/140sp1747.pdf">Security Policy</a>
- and <a href="/source/openssl-fips-2.0.tar.gz">source</a>
- at a minimum. And did we mention the
- <a href="fips/UserGuide.pdf">User Guide</a>?</p>
-
- We are not currently taking on any additional validation work
- nor adding new platforms to the existing "1747" validation.
-
- </div>
- <footer>
- You are here: <a href="/">Home</a>
- : <a href=".">Docs</a>
- : <a href="">Important Notes about OpenSSL and FIPS-140</a>
- <br/><a href="/sitemap.txt">Sitemap</a>
- </footer>
- </article>
- </div>
- <!--#include virtual="sidebar.shtml" -->
- </div>
- </div>
-<!--#include virtual="/inc/footer.shtml" -->
-</body>
-</html>
diff --git a/docs/fipsvalidation.html b/docs/fipsvalidation.html
deleted file mode 100644
index d36c2d2..0000000
--- a/docs/fipsvalidation.html
+++ /dev/null
@@ -1,98 +0,0 @@
-<!DOCTYPE html>
-<html lang="en">
-<!--#include virtual="/inc/head.shtml" -->
-<body>
- <!--#include virtual="/inc/banner.shtml" -->
- <div id="main">
- <div id="content">
- <div class="blog-index">
- <article>
- <header><h2>OpenSSL and FIPS 140-2</h2></header>
-
- <div class="entry-content">
- <p>The most recent open source based validation of a cryptographic
- module (Module) compatible with the OpenSSL libraries is v2.0.9,
- FIPS 140-2 certificate <a
- href="http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140val-all.htm#1747">#1747</a>.
- This Module is documented in the
- <a href="fips/UserGuide-2.0.pdf">2.0 User Guide</a>. It substantially
- updates and improves the earlier v1.2 module, FIPS 140-2
- certificate
- <a
- href="http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140val-all.htm#1051">#1051</a>,
- which is documented in the
- <a href="fips/UserGuide-1.2.pdf">1.2 User Guide</a>.</p>
-
- <h3>Sponsors</h3>
- <p>The OpenSSL FIPS Object Module validations receive support
- from multiple sources for each validation effort; however only
- those sponsors who have elected to be recognised for their
- contribution to OpenSSL are listed below.</p>
-
- <hr>
- <a href="http://www.darpa.mil/Our_Work/I2O/Programs/Transformative_Apps.aspx">Defense Advanced Research Projects Agency (DARPA) Transformative Apps Program</a>,
- original primary sponsor of the overall validation with several Android on ARMv7 platforms.
-
- <hr>
- <a href="http://www.securenetterm.com/">Intersoft International, Inc.</a>,
- platform sponsor (VC++ Win32/x86 asm optimisation)
-
- <hr>
- <img src="/img/opengear-logo-med.jpg">
- <a href="http://www.opengear.com/">Opengear, Inc.</a>, platform sponsor
- (uCLinux ARMv4 asm optimisation)
-
- <hr>
- <img src="/img/quintessence-logo-med.jpg">
- <a href="http://www.quintessencelabs.com/">QuintessenceLabs Pty Ltd</a>,
- platform sponsor (Fedora 14 x86-64 asm optimisation)
-
- <hr>
- <img src="/img/pkware-logo-med.jpg">
- <a href="https://www.pkware.com/">PKWARE, Inc.</a>, platform sponsor
- (HPUX 11i on Itanium 32, 64 bit with asm optimisation)
-
- <hr>
- <img src="/img/cerberus-logo-med.jpg">
- <a href="https://www.cerberusftp.com/">Cerberus, LLC</a>, general sponsor
- <hr>
- <img src="/img/DHS-logo-med.jpg">
- <a href="http://www.cyber.st.dhs.gov/host.html">DHS Science and Technology Directorate-sponsored Homeland Open Security Technology (HOST) program</a>,
- algorithm sponsor (CMAC, AES-CCM)
-
- <hr>
- <img src="/img/innominate-logo-med.jpg">
- <a href="https://www.innominate.com/">Innominate Security Technologies AG</a>,
- platform sponsor (Linux on Freescale MPC8313)
-
- <hr>
- <img src="/img/psw-logo-med.jpg">
- <a href="http://www.psw.net/">PSW GROUP</a>,
- general sponsor
-
- <hr>
- <img src="/img/citrix-logo-med.jpg">
- <a href="https://www.citrix.com/">Citrix Systems, Inc.</a>,
- platform sponsor (multiple platforms)
-
- <hr>
-
- <p>If you have an interest in sponsoring any changes or additions
- to this validation please contact us via an email to <a
- href="mailto:osf-contact at opensl.org">osf-contact at openssl.org</a>.</p>
-
- </div>
- <footer>
- You are here: <a href="/">Home</a>
- : <a href=".">Documentation</a>
- : <a href="">OpenSSL and FIPS 140-2</a>
- <br/><a href="/sitemap.txt">Sitemap</a>
- </footer>
- </article>
- </div>
- <!--#include virtual="sidebar.shtml" -->
- </div>
- </div>
-<!--#include virtual="/inc/footer.shtml" -->
-</body>
-</html>
diff --git a/img/DHS-logo-med.jpg b/img/DHS-logo-med.jpg
deleted file mode 100644
index 9b5e354..0000000
Binary files a/img/DHS-logo-med.jpg and /dev/null differ
diff --git a/img/cerberus-logo-med.jpg b/img/cerberus-logo-med.jpg
deleted file mode 100644
index 83909c3..0000000
Binary files a/img/cerberus-logo-med.jpg and /dev/null differ
diff --git a/img/citrix-logo-med.jpg b/img/citrix-logo-med.jpg
deleted file mode 100644
index f3d05cd..0000000
Binary files a/img/citrix-logo-med.jpg and /dev/null differ
diff --git a/img/innominate-logo-med.jpg b/img/innominate-logo-med.jpg
deleted file mode 100644
index 1567fd6..0000000
Binary files a/img/innominate-logo-med.jpg and /dev/null differ
diff --git a/img/opengear-logo-med.jpg b/img/opengear-logo-med.jpg
deleted file mode 100644
index 3f27046..0000000
Binary files a/img/opengear-logo-med.jpg and /dev/null differ
diff --git a/img/pkware-logo-med.jpg b/img/pkware-logo-med.jpg
deleted file mode 100644
index 95b7c2e..0000000
Binary files a/img/pkware-logo-med.jpg and /dev/null differ
diff --git a/img/psw-logo-med.jpg b/img/psw-logo-med.jpg
deleted file mode 100644
index d330f06..0000000
Binary files a/img/psw-logo-med.jpg and /dev/null differ
diff --git a/img/psw-logo.gif b/img/psw-logo.gif
deleted file mode 100644
index 781114b..0000000
Binary files a/img/psw-logo.gif and /dev/null differ
diff --git a/img/quintessence-logo-med.jpg b/img/quintessence-logo-med.jpg
deleted file mode 100644
index 8fce045..0000000
Binary files a/img/quintessence-logo-med.jpg and /dev/null differ
diff --git a/img/symantec-logo-large.jpg b/img/symantec-logo-large.jpg
deleted file mode 100644
index 8be773b..0000000
Binary files a/img/symantec-logo-large.jpg and /dev/null differ
diff --git a/img/unionpay.jpg b/img/unionpay.jpg
deleted file mode 100644
index 1a745b5..0000000
Binary files a/img/unionpay.jpg and /dev/null differ
More information about the openssl-commits
mailing list