[openssl-users] HMAC-MD5 OpenSSL 1.0.1e and FIPS 2.0.7

Dr. Stephen Henson steve at openssl.org
Wed Jan 21 14:27:58 UTC 2015

On Wed, Jan 21, 2015, John Laundree wrote:

> Ok, so I will naively ask the question "How does one do TLS 1.0/1.1 in FIPS mode? Or is this no longer allowed, i.e. TLS 1.2 only?"

The use of MD5 for TLS 1.0/1.1 is treated as an exception which is allowed in
FIPS mode but general MD5 use is not.

Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org

More information about the openssl-users mailing list