On 12/1/06, Kyle Hamilton aerowolf@gmail.com wrote:
Funny, I've found the opposite. (And I'm on the mailing lists for both, as well as the commit lists.) This doesn't necessarily mean that your experience is invalid.
It helps that I work for a company that manages an FFRDC supporting a large PKI. My sponsor has RedHat under a couple of different contracts that make them, shall we say, amiable to suggestion from such a source as I. :)
I have a copy of the OpenSSL FIPS-1.0 code, which I obtained before the certification was changed to "Not Available". This means that I am able to use it to demonstrate compliance in any binary software that I originate, even now -- I have procured it, and the "cannot be procured" applies to integrators, not end users. However, anyone who did not have the software as of the date it was marked "Not Available" cannot use it to demonstrate compliance.
I think this is compelling reason enough to drive implementations toward NSS. Great information though, and I appreciate the insights.
The reason for this is because there is a small amount of cryptographic code which resides outside the "security boundary" -- i.e., the HMAC-digitally-signed binary library which is generated at OpenSSL-FIPS's compilation time. (There is a message from Dr. Stephen N. Henson in the openssl-dev mailing list archives which I can find and point you to, dating from either the end of July or sometime in the entire month of August, which goes into more detail.)
Please, if only to satisfy my own curiosity.
It is literally impossible for a module in a general-purpose computing system to get anything more than a Level 1 validation, simply because general-purpose OSes have debugging capability which can examine the contents of memory owned by another process or library. A Level 2 validation shows resistance to such attacks.)
I see from the pre-val list that RedHat/Sun have a newer version of NSS (I can't recall which version) in pending review (i.e., testing is done & it has a recommendation) for both level 2 and level 1. Is there something different that NSS has done that OpenSSL did not, aside from the validation of source vs. validation of object?
-- Tim