[openssl-commits] [web] master update

Rich Salz rsalz at openssl.org
Tue Jul 3 15:35:31 UTC 2018 

The branch master has been updated
       via  3c0d5cabf30bc2367a5574b3b9bfd5639396533f (commit)
      from  108c503eb0e909259ef0f1f68a07e74752c2f9a3 (commit)


- Log -----------------------------------------------------------------
commit 3c0d5cabf30bc2367a5574b3b9bfd5639396533f
Author: Rich Salz <rsalz at akamai.com>
Date:   Tue Jul 3 11:35:17 2018 -0400

    Fix NIST links, remove 2473.
    
    Also remove some "political" content.
    
    Reviewed-by: Tim Hudson <tjh at openssl.org>
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/63)

-----------------------------------------------------------------------

Summary of changes:
 docs/fips.html | 29 +++++++++++++----------------
 1 file changed, 13 insertions(+), 16 deletions(-)

diff --git a/docs/fips.html b/docs/fips.html
index 8c67a04..5c9b3ec 100644
--- a/docs/fips.html
+++ b/docs/fips.html
@@ -10,15 +10,10 @@
 	  <header><h2>FIPS-140</h2></header>
 	  <div class="entry-content">
 
-	    <p>For a basic introduction,
-	    <a href="#background">see below</a>.  Thanks to multiple platform
-	    sponsorships, the 2.0 validations include the largest number of
-	    formally tested platforms for any validated module.</p>
-
 	    <p>The most recent open source based validation of a cryptographic
-	    module (Module) compatible with the OpenSSL 1.0.1 and 1.0.2
-	    libraries is v2.0.16, FIPS 140-2 certificate <a
-	    href="http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140val-all.htm#1747">#1747</a>.
+	    module (Module) compatible with the OpenSSL 1.0.2
+	    is v2.0.16, FIPS 140-2 certificate <a
+	    href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/Certificate/1747">#1747</a>.
 	    This Module is documented in the
 	    <a href="fips/UserGuide-2.0.pdf">2.0 User Guide</a>;
 	    the <a href="/source/openssl-fips-2.0.16.tar.gz">source code</a>,
@@ -26,12 +21,10 @@
             are also available.
 
             <p>
-	    For convoluted bureaucratic reasons, the same module is also
-	    available under the validations <a
-            href="http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140val-all.htm#2398">#2398</a>
-	    (revision 2.0.16) and <a
-            href="http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140val-all.htm#2473">#2473</a>
-	    (revision 2.0.10).
+	    For various bureaucratic reasons, the same module is also
+	    available as validation <a
+            href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/Certificate/2398">#2398</a>
+	    (revision 2.0.16).
 	    </p>
 
             <p>
@@ -69,14 +62,18 @@
 	      instructions) for your platform, then you can use it as
 	      validated cryptography on a "vendor affirmed" basis.</li>
 
-	      <li>If even the tiniest source code or build process changes are
-	      required for your intended application, you cannot use the open
+	      <li>If even a single line of the source code or build process
+              has to be changed
+	      for your intended application, you cannot use the open
 	      source based validated module directly.  You must obtain your
 	      own validation.</li>
 
               <li>None of the validations will work with OpenSSL 1.1.0 or
               later.</li>
 
+              <li>We are starting work on a new validation based on the
+              upcoming 1.1.1 release.</li>
+
 	    </ul>
 
 	  </div>

More information about the openssl-commits mailing list