[openssl-users] New FIPS 140-2 "SE" Validation Approved

Steve Marquess marquess at openssl.com
Fri Jun 26 12:30:12 UTC 2015


If you don't know or care what FIPS 140-2 is, a hysterical giggle of
pure delight and whoop of relief before moving on is fully justified.

The "SE" (Salavge Edition) validation has been approved:

  http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140val-all.htm#2398

This actually appeared on the evening of the 24th or morning of the
25th, but then disappeared for several hours, and had a broken link to
the Security Policy for a few hours after that. So I waited a day before
concluding it was here to stay.

The SE validation is one of the two "1A SUB" validations intended to
"ransom"[*] the "hostage"[**] platforms in the #1747 validation. The
other RE validation has not yet been approved, although it differs from
the SE one by exactly six characters and was submitted at the same time.

With the "execution" of the "hostages" anyway[***] these two new
validations may be superfluous. We're not entirely sure and are trying
to figure out what the bureaucracy will and won't do with new "change
letter" updates. We've submitted a change letter update for revision
2.0.10 against both the #1747 and #2398 validations, so time will tell.

The four presumed clerical errors in the list of #1747 survivors (the
"Big Blob o' Text) have still not been corrected after 11 days, nor do
we have any indication that they are not accidental typos. I'm still
assuming clerical error, but we won't know for sure until we get some
sort of response.

-Steve M.

[*] http://openssl.com/fips/ransom.html
[**] http://openssl.com/fips/hostage.html
[***] http://openssl.com/fips/aftermath.html

-- 
Steve Marquess
OpenSSL Software Foundation, Inc.
1829 Mount Ephraim Road
Adamstown, MD  21710
USA
+1 877 673 6775 s/b
+1 301 874 2571 direct
marquess at opensslfoundation.com
marquess at openssl.com
gpg/pgp key: http://openssl.com/docs/0x6D1892F5.asc


More information about the openssl-users mailing list