Language Selection

English French German Italian Portuguese Spanish

OpenSSL loses FIPS certification

Filed under
Software

The National Institute of Standards and Technology has revoked certification of the open-source encryption tool OpenSSL under the Federal Information Processing Standard.

OpenSSL in January became one of the first open-source software products to be validated under NIST’s Computer Module Validation Program for FIPS-140-2. The certificate apparently was suspended in June when questions were raised about the validated module’s interaction with outside software elements.

The revocation caught the Open Source Software Institute, which shepherded the module through the validation process, by surprise.

“I am discouraged with what appears to be another change after certification has been awarded,” said executive director John Weathersby. “It is disheartening after three-and-a-half years of work to have the certification pulled twice for reasons not clear to us.”

Full Story.

More in Tux Machines

today's howtos

The Red Hat Way

  • Red Hat wants to make cold-shouldered OpenStack red hot
    At OpenStack Summit in Boston last May, some speculated that the event might be the last gasp for OpenStack — an open-source platform for cloud computing and infrastructure-as-service. Granted, OpenStack was one of the less hyped open-source projects of the past year. But renewed community and end-user interest is breathing fresh life into the platform, according to Rob Young (pictured), senior manager of virtualization product and strategy at Red Hat Inc. Telcos and others are adopting OpenStack “because of the simplification of what was once complex, but also in the cost savings that can be realized by managing your own cloud within a hybrid cloud environment,” Young said.
  • Improved multimedia support with Pipewire in Fedora 27
    Pipewire — a new project of underlying Linux infrastructure to handle multimedia better — has just been officially launched. The project’s main goal is to improve the handling of both audio and video. Additionally, Pipewire introduces a security model to allow easy interaction with multimedia devices from containerized and sandboxed applications, i.e. Flatpak apps.
  • Architecting the future with abstractions and metadata
    The modern data center is built on abstractions, with Docker, Kubernetes, and OpenShift leading the way.

Games: Racing Games, Steam, SteamWorld Dig 2, XCOM 2: War of the Chosen

Software: DNS Checkers, Alternatives to Adobe Software, Fake Hollywood Hacker Terminal and More