[openssl-commits] [web] master update

Rich Salz rsalz at openssl.org
Tue Aug 14 11:59:42 UTC 2018

The branch master has been updated
       via  22fe269070986cdb68933423044f4d126a154d0c (commit)
      from  23d754d753ebe6ed6b1ec6e8c9cecd67bdb0c6a1 (commit)

- Log -----------------------------------------------------------------
commit 22fe269070986cdb68933423044f4d126a154d0c
Author: Rich Salz <rsalz at akamai.com>
Date:   Tue Aug 14 07:59:18 2018 -0400

    Add FIPS FAQ, update FIPS status.


Summary of changes:
 docs/faq-5-misc.txt |  7 +++++++
 docs/fips.html      | 21 ++++++++++++++-------
 2 files changed, 21 insertions(+), 7 deletions(-)

diff --git a/docs/faq-5-misc.txt b/docs/faq-5-misc.txt
index f2810e5..006b323 100644
--- a/docs/faq-5-misc.txt
+++ b/docs/faq-5-misc.txt
@@ -33,6 +33,13 @@ that came with the version of OpenSSL you are using. The pod format
 documentation is included in each OpenSSL distribution under the docs
+* I need a FIPS validated offering
+Please see
+@@@https://www.openssl.org/docs/fips.html@@@; the OpenSSL project is no longer
+involved in private label validations nor adding platforms to the existing
 * How can I contact the OpenSSL developers?
 The README file describes how to submit bug reports and patches to
diff --git a/docs/fips.html b/docs/fips.html
index 5c9b3ec..7bbce9c 100644
--- a/docs/fips.html
+++ b/docs/fips.html
@@ -10,7 +10,7 @@
 	  <div class="entry-content">
-	    <p>The most recent open source based validation of a cryptographic
+	    <p>The current validation of a cryptographic
 	    module (Module) compatible with the OpenSSL 1.0.2
 	    is v2.0.16, FIPS 140-2 certificate <a
@@ -28,6 +28,19 @@
+            Neither validation will work with any release other than 1.0.2.
+            The OpenSSL project is no longer maintaining either the 1747
+            or the 2398 module. This includes adding platforms to those
+            validations.
+            We are starting work on a new validation, after the 1.1.1
+            release completes.
+            That module will have a small set of validated operational
+            environments.
+            The OpenSSL project is no longer involved in private label
+            validations nor adding platforms to the existing certificates.
+            </p>
+            <p>
 	    Here is the complete set of files. Note that if you are interested
             in the "1747" validation, you only need the three files mentioned
@@ -68,12 +81,6 @@
 	      source based validated module directly.  You must obtain your
 	      own validation.</li>
-              <li>None of the validations will work with OpenSSL 1.1.0 or
-              later.</li>
-              <li>We are starting work on a new validation based on the
-              upcoming 1.1.1 release.</li>

More information about the openssl-commits mailing list