Home


About OSF
 What We Do
 Who We Are
 Contact Info


Resources
 OpenSSL
 Download
 FIPS 140-2
 Testing
 Data Archives
 Export
 Mirrors


 
OpenSSL Software Foundation, Inc.

A brief history of the OpenSSL FIPS Object Module series of FIPS 140-2 validations:

  • The most recent validation #1747 for the OpenSSL FIPS Object Module 2.0 was awarded on 2012-06-27. This FIPS module is compatible with the 1.0.1 and later releases of OpenSSL. This FIPS module is the best choice for any new development.

  • Validation #1051 for the OpenSSL FIPS Object Module 1.2 was awarded 2008-11-17. This FIPS module is only compatible with the 0.9.8 releases of OpenSSL, but is still technically valid for new development.

  • Validation #918 for the OpenSSL FIPS Object Module 1.1.2 was awarded 2008-02-29. This FIPS module is only compatible with the 0.9.7 releases of OpenSSL, but is still technically valid for new development.

  • Validation #733 for the OpenSSL FIPS Object Module 1.1 was awarded 2007-02-06. This validation was later effectively revoked by the CMVP due to a vulnerability that was announced before new validation testing could be performed.

  • Work on the very first validation began in June of 2002 with initial award of validation certificate #642 on 2006-03-22. This first attempt was the OpenSSL FIPS Object Module 1.0. The validation was then briefly revoked and then unrevoked, then later revoked permanently due to CMVP concerns over the cryptographic module boundary.

As an experiment a "runtime" (binary) validation was attempted in parallel with the #1051 open source based validation. Both validations used identically the same source code, and based on past observation of "private label" validations we expected the binary validation to be awarded more quickly. In this case the binary validation spent half a hear longer (13 months versus 7 months) waiting for CMVP action, and as a result was of no practical value when finally awarded:
  • Validation #1111 for the OpenSSL FIPS Runtime Module 1.2 was awarded 2009-04-03. This FIPS module is only compatible with the 0.9.8 releases of OpenSSL.


This site Copyright © 2009-2016 OSF.