<a href="../../source/openssl-fips-1.2.tar.gz">source</a> at a minimum.
And did we mention the <a href="UserGuide.pdf">User Guide</a>?
<p>
-<font color="#cc3333">Important Note:</font> Due to upcoming changes in the FIPS 140-2 validation requirements the current v1.2 Module will
+<a name="transition">
+<font color="#cc3333">Important Note:</font>
+</a>
+Due to upcoming changes in the FIPS 140-2 validation requirements the current v1.2 Module will
no longer be a suitable model for private label validations in its current form past the year 2010. See the NIST <a href="http://csrc.nist.gov/groups/STM/cmvp/notices.html">Notices</a>,
<a href="http://csrc.nist.gov/groups/ST/key_mgmt/documents/Transitioning_CryptoAlgos_070209.pdf">discussion paper</a> and
<a href="http://csrc.nist.gov/publications/drafts/800-131/draft-sp800-131_spd-june2010.pdf">SP 800-131</a>.
specific target platform. We have made numerous performance enhancements
since the original #1051 validation. Some of these can be easily incorporated
into routine private label validations and some cannot.
+ <p>
+ <li>You start the validation in 2010. The reason for this qualification is that the rules change starting
+ in 2011, see <a href="fipsnotes.html#transition">upcoming changes in the FIPS 140-2 validation requirements</a>.
+ We are confident that OpenSSL FIPS Object Module based validations of some type will still be possible
+ post-2010, but there are enough uncertainties with the new guidelines to caution us against offering
+ the same pricing at this time.
</ul>
<p>
Note that we can still help you if not all of these circumstances apply, but we'll
projects / openssl-web.git / commitdiff