Security policy pdf documents for OpenSSL 3.1, 1.1, 1.0 and etc?
Dr Paul Dale
pauli at openssl.org
Mon Jul 17 22:48:20 UTC 2023
Also note that no OpenSSL version 1.1.Z was ever (& never will be) FIPS
validated by the project.
FIPS validations are expensive, we cannot validate each and ever version.
However, we do ensure compatibility between released versions and
validated FIPS providers. For example, you can use the 3.0.0 FIPS
provider with OpenSSL 3.1.1. This does mean you might have to build
twice -- once to get the provider and once for OpenSSL. The
instructions are in the README.FIP
On 18/7/23 02:38, Jun Aruga wrote:
> Right now I can see the security policy pdf document links for OpenSSL
> 3.0.8 and 3.0.0 on the page below.
> However, could you tell me where I can download and see the security
> policy pdf documents for the OpenSSL 3.1.1, 3.1.0, other 3.0.Z such as
> 3.0.7, and old OpenSSL versions such as 1.1.Z and 1.0.Z?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the openssl-users