[14549] in cryptography@c2.net mail archive
Re: Other OpenSSL-based crypto modules FIPS 140 validated?
daemon@ATHENA.MIT.EDU (Peter Gutmann)
Tue Oct 7 09:34:18 2003
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
Date: Tue, 7 Oct 2003 21:20:18 +1300
From: pgut001@cs.auckland.ac.nz (Peter Gutmann)
To: cryptography@metzdowd.com, nathan@player.org, ronpz@us.ibm.com
"Nathan P. Bardsley" <nathan@player.org> writes:
>Anecdotally, I've heard that there are many, but almost all of them were done
>by vendors for embedding in their proprietary products.
Ditto. The problem is that when vendors have spent $100K+ on the
certification, they're very reluctant to give anyone else (and specifically
their competitors) the benefits of their expenditure, so you end up getting
the same thing re-certified over and over for private use, rather than a
single generally-usable version being certified.
Peter.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
