Good question and my apologize to everyone for not making that clear in my previous message.
What everyone is looking for right now is for Apple to appear on the Pre-Validation List located at:
DISCLAIMER: The Cryptographic Module Validation Program (CMVP) FIPS 140-1 and FIPS 140-2 Pre-validation List is provided for information purposes only. Participation on the list is voluntary and is a joint decision by the vendor and Cryptographic Module Testing (CMT) laboratory. Modules are listed alphabetically by name. Blank entries indicate modules in pre-validation but joint decision made not to post. Posting on the list does not imply guarantee of final FIPS 140-1 or FIPS 140-2 validation.
The following phases describe the FIPS 140-1 and FIPS 140-2 pre-validation process. The status of each cryptographic module in the process is identified in the list.
• Implementation Under Test (IUT)
• There exists a viable contract between the vendor and CMT laboratory for the testing of the cryptographic module.
• The cryptographic module is resident at the CMT laboratory.
• All of the required documentation is resident at the CMT laboratory. (Note: if the vendor requires the CMT lab personnel to
test the cryptographic module onsite, all documents must be onsite with the module.)
• Validation Review Pending
• Complete set of testing documents submitted to NIST and CSE for review. The set includes: draft certificate, summary
module description, detailed test report, non-proprietary security policy, web-site information. In addition, some
CMT labs include a separate physical testing report.
• Signed letter from laboratory stating recommendation for validation received by NIST and CSE.
• Validation Review
• NIST and CSE reviewers assigned.
• NIST and CSE perform a preliminary review of the test documents (if required). NIST and CSE perform a review
of the test documents.
• Comments coordinated by NIST and CSE reviewers and combined set of comments sent to the CMT laboratory.
• Validation Coordination (this process may be iterative)
• Comments received by the CMT laboratory from NIST and CSE for resolution.
• Additional testing (if required).
• Additional documentation (if required).
• Comments resolution developed for resubmission to NIST and CSE.
• Testing documents updated for resubmission to NIST and CSE.
• Responses to comments and revised test documents submitted to NIST and CSE.
• Validation Finalization
• Final resolution of validation review comments submitted to NIST and CSE.
• Testing documents updated based on resolutions and submitted to NIST and CSE.
• Certificate number assigned.
• Certificate printing and signature process initiated.