[openssl-project] OpenSSL 3.0 and FIPS Update
Dmitry Belyavsky
beldmit at gmail.com
Thu Feb 21 15:02:38 UTC 2019
Dear Matt
On Wed, Feb 13, 2019 at 9:30 PM Matt Caswell <matt at openssl.org> wrote:
> Please see my blog post for an OpenSSL 3.0 and FIPS Update:
>
> https://www.openssl.org/blog/blog/2019/02/13/FIPS-update/
After reading the proposed architecture description, I have some questions
that are very important for the developers of non-US certified
openssl-based products.
1. Will it still be available to implement custom RAND_methods via the new
providers API?
2. Can we do something with a bunch of hard-linked non-extendable lists of
internal NIDs?
For example, providing GOST algorithms always requires a patch to extend
3-5 internal lists.
If it could be done dynamically, it will be great.
3. Do you have plans to make some callback structures created by providers?
I mean such structures as SSL key exchange/authentication methods, X.509
extensions etc.
Thank you very much!
--
SY, Dmitry Belyavsky
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20190221/54df1832/attachment.html>
More information about the openssl-users
mailing list