Language Selection

English French German Italian Portuguese Spanish

OpenSSL loses FIPS certification

Filed under
Software

The National Institute of Standards and Technology has revoked certification of the open-source encryption tool OpenSSL under the Federal Information Processing Standard.

OpenSSL in January became one of the first open-source software products to be validated under NIST’s Computer Module Validation Program for FIPS-140-2. The certificate apparently was suspended in June when questions were raised about the validated module’s interaction with outside software elements.

The revocation caught the Open Source Software Institute, which shepherded the module through the validation process, by surprise.

“I am discouraged with what appears to be another change after certification has been awarded,” said executive director John Weathersby. “It is disheartening after three-and-a-half years of work to have the certification pulled twice for reasons not clear to us.”

Full Story.

More in Tux Machines

Leftovers: Software

today's howtos

Leftovers: Gaming

Leftovers: KDE

  • LUKS support in KDE Partition Manager
  • Kate 16.04 on Windows (64bit)
  • The future of KApiDox
    I’ve been working hard to enhance KApiDox. I’d like to come back on what it is for, what I did and what I see for its future.
  • Danbooru Client 0.6.0 released
    It offers a convenient, KF5 and Qt5-based GUI coupled with a QML image view to browse, view, and download images hosted in two of the most famous Danbooru boards (konachan.com and yande.re).
  • A KMail Breakthrough.
    This tells the story of how I finally managed a successful transfer of email data from KMail version 1.13.6 to version 4.11.5. It is a non-technical essay exploring the obstacles I encountered, my options, and the methods I used to achieve my aim. It was written partly to give the information, but also with the hope that readers will both enjoy and be amused by the story of the "battle of KMail" that was ultimately won against "incredible odds". Links to the earlier articles discussing problems with KMail 4x are given at the end.
  • [GSoC] Kdev-Embedded, Debugging and programming embedded systems
    The actual embedded system word depends on closed-source IDEs and libraries, with high monetary value and deprecated functionalities. Programmers that would like to use ARM based boards without paying for an IDE will have problems setting up such development ambient and synchronized toolkits. The main idea of this project is to provide a plugin integrated with KDevelop to help the debugging and programming process of embedded systems like AVR, ARM and x86 based boards.