OpenSSL 3.0.0 FIPS Validation

Matt Caswell matt at
Tue Jun 4 09:40:31 UTC 2019

On 04/06/2019 00:08, Matthew Lindner wrote:
> I notice that the OpenSSL 3.0.0 design page
> still references
> "CAVS testing" even though CAVS testing is shortly ending with the
> release of ACVP testing. See:
> The new format is JSON based and entirely different from the previous
> CAVS file format.
> Is OpenSSL team simply using "CAVS Testing" generically or is OpenSSL
> team missing some information?

We're well aware of the ACVP testing that is coming down the line. At the time
we made the design decisions it was not clear whether ACVP would be available
and sufficiently mature within the timescales we needed it to be. Therefore we
made the decision to go with CAVS testing for the initial 3.0 release.


More information about the openssl-project mailing list