undefined | Better HN

0 pointsthirsteh11y ago0 comments

The problem with OpenSSL is that it's really problematic to simply fix and refactor stuff given their FIPS certification.

0 comments

leoc11y ago

Ooh, OpenSSL's FIPS certification. The fellows who've been fighting for years to take it away http://www.itnews.com.au/News/65016,openssl-in-a-fips-flap.a... must be crowing right now. (Regardless of whether their own stuff is any better or no.) Another decertification incoming?

crashandburn411y ago

Hi, can someone help me understand what the significance of FIPS certification is? ( beyond the wikipedia page: http://en.wikipedia.org/wiki/FIPS_140-2 )

leoc11y ago

AFAIK the US federal government (excluding the military, which obviously has its own hoops to jump through) generally can't use your hardware/software unless it has the appropriate FIPS certification(s). https://en.wikipedia.org/wiki/Federal_Information_Processing...

j / k navigate · click thread line to collapse

0 comments

leoc11y ago

crashandburn411y ago

Hi, can someone help me understand what the significance of FIPS certification is? ( beyond the wikipedia page: http://en.wikipedia.org/wiki/FIPS_140-2 )

leoc11y ago

j / k navigate · click thread line to collapse