[openssl-users] FIPS Linux kernel documentation ?
Henrik Grindal Bakken
hgb at ifi.uio.no
Fri Mar 27 08:45:35 UTC 2015
Steve Marquess <marquess at openssl.com>
writes:
>> If the CMVP bureaucracy insists on a specific kernel version
>> for the platform number, this should be one of the "Long Term
>> Support" kernel releases to maximize longevity (assuming that
>> regular OS patching within a version number is still accepted
>> as "same platform").
>
> Worse: it would need to be validated on every "Operational Environment"
> (OE): meaning every Linux distribution: Debian N.M for every N and M,
> Fedora N.M, Ubuntu N.M, CentOS N.M, ...
Are you certain? For a user-space component like OpenSSL, this is
obviously true, but I think you could argue that a kernel module's
"Operational Environment" has no relation to the Linux distro, only to
the kernel it's loaded by and the hardware architecture (and perhaps the
compiler).
--
Henrik Grindal Bakken <hgb at ifi.uio.no>
PGP ID: 8D436E52
Fingerprint: 131D 9590 F0CF 47EF 7963 02AF 9236 D25A 8D43 6E52
More information about the openssl-users
mailing list