Re: [Fed-Talk] FIPS SSL
Re: [Fed-Talk] FIPS SSL
- Subject: Re: [Fed-Talk] FIPS SSL
- From: Allan Marcus <email@hidden>
- Date: Fri, 30 Oct 2009 10:05:32 -0600
Is that true the Mac OS X now uses FIPS for openssl? When I type
"openssl version" I don't see any indication the FIPS module is being
used. Also, when I asked enterprise applecare (335579), then told me
FIPS was not being used.
Please verify FIPS is being used for openssl on Mac OS X, and in which
versions of the OS. This would be great news.
---
Thanks,
Allan Marcus
505-667-5666
On Oct 27, 2009, at 1:40 PM, Shawn A. Geddis wrote:
Mark,
As you know, Apache uses OpenSSL and a version was validated by
their team which you might be able to wedge. If Apache were to use
Apple's Crypto, you and others would then be reliant on Apple's FIPS
Validation.
—————————————
Shawn Geddis
Security Consulting Engineer
Enterprise (Commercial & Government)
Apple Inc.
On Oct 27, 2009, at 12:11 PM, Mark <email@hidden> wrote:
What are folks doing for FIPS compliance ssl for their public
facing Mac web servers? We are thinking of putting a reverse proxy
with apache custom compiled for FIPS in front of our servers.
What is Apple's stance?
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden