[openssl-users] FIPS Linux kernel documentation ?

Henrik Grindal Bakken hgb at ifi.uio.no
Fri Mar 27 08:45:35 UTC 2015

Steve Marquess <marquess at openssl.com>

>> If the CMVP bureaucracy insists on a specific kernel version
>> for the platform number, this should be one of the "Long Term
>> Support" kernel releases to maximize longevity (assuming that
>> regular OS patching within a version number is still accepted
>> as "same platform").
> Worse: it would need to be validated on every "Operational Environment"
> (OE): meaning every Linux distribution: Debian N.M for every N and M,
> Fedora N.M, Ubuntu N.M, CentOS N.M, ...

Are you certain?  For a user-space component like OpenSSL, this is
obviously true, but I think you could argue that a kernel module's
"Operational Environment" has no relation to the Linux distro, only to
the kernel it's loaded by and the hardware architecture (and perhaps the

Henrik Grindal Bakken <hgb at ifi.uio.no>
PGP ID: 8D436E52
Fingerprint: 131D 9590 F0CF 47EF 7963  02AF 9236 D25A 8D43 6E52

More information about the openssl-users mailing list