[openssl-users] FIPS 140-2 X9.31 RNG transition expenses

Salz, Rich rsalz at akamai.com
Tue Dec 22 02:32:08 UTC 2015

> Just want to confirm on this item. Are we saying that to get openssl back to be FIPS compliance is just a paper shuffle. If so is there any expected eta on it as our team is using openssl version for a security project and we need a fips compliance library. 


We have answered this many times, but perhaps the messages were too long and confusing. 

We are not doing any work on adding new platforms at this time.  If you cannot use one of the existing platforms, then there is no FIPS support available "for free."

We are not taking on a new validation with new algorithms, etc., unless we get one or more sponsors who are willing to contribute a significant amount of money, among other things.

More information about the openssl-users mailing list