=head1 NOTES
+Some released versions of OpenSSL do not include a validated
+FIPS provider. To determine which versions have undergone
+the validation process, please refer to the
+L<OpenSSL Downloads page|https://www.openssl.org/source/>. If you
+require FIPS-approved functionality, it is essential to build your FIPS
+provider using one of the validated versions listed there. Normally,
+it is possible to utilize a FIPS provider constructed from one of the
+validated versions alongside F<libcrypto> and F<libssl> compiled from any
+release within the same major release series. This flexibility enables
+you to address bug fixes and CVEs that fall outside the FIPS boundary.
+
The FIPS provider in OpenSSL 3.1 includes some non-FIPS validated algorithms,
consequently the property query C<fips=yes> is mandatory for applications that
want to operate in a FIPS approved manner. The algorithms are:
L<OSSL_PARAM(3)>,
L<openssl-core.h(7)>,
L<openssl-core_dispatch.h(7)>,
-L<provider(7)>
+L<provider(7)>,
+L<https://www.openssl.org/source/>
=head1 HISTORY
This functionality was added in OpenSSL 3.0.
-OpenSSL 3.0 includes a FIPS 140-2 approved FIPS provider.
-
-OpenSSL 3.1 includes a FIPS 140-3 approved FIPS provider.
-
=head1 COPYRIGHT
Copyright 2019-2023 The OpenSSL Project Authors. All Rights Reserved.
=head1 NOTES
+Some released versions of OpenSSL do not include a validated
+FIPS provider. To determine which versions have undergone
+the validation process, please refer to the
+L<OpenSSL Downloads page|https://www.openssl.org/source/>. If you
+require FIPS-approved functionality, it is essential to build your FIPS
+provider using one of the validated versions listed there. Normally,
+it is possible to utilize a FIPS provider constructed from one of the
+validated versions alongside F<libcrypto> and F<libssl> compiled from any
+release within the same major release series. This flexibility enables
+you to address bug fixes and CVEs that fall outside the FIPS boundary.
+
The FIPS provider in OpenSSL 3.1 includes some non-FIPS validated algorithms,
consequently the property query C<fips=yes> is mandatory for applications that
want to operate in a FIPS approved manner. The algorithms are:
=head1 SEE ALSO
-L<migration_guide(7)>, L<crypto(7)>, L<fips_config(5)>
+L<migration_guide(7)>, L<crypto(7)>, L<fips_config(5)>,
+L<https://www.openssl.org/source/>
=head1 HISTORY
The FIPS module guide was created for use with the new FIPS provider
in OpenSSL 3.0.
-OpenSSL 3.0 includes a FIPS 140-2 approved FIPS provider.
-
-OpenSSL 3.1 includes a FIPS 140-3 approved FIPS provider.
-
=head1 COPYRIGHT
Copyright 2021-2023 The OpenSSL Project Authors. All Rights Reserved.