Re: Info needed on OpenLDAP support / compliance on FIPS 140.2

On 6/16/20 8:00 AM, Philip Guenther wrote:

Simply _using_ that library is not nearly enough to pass any sort of compliance check.

Philip, you're absolutely right.

Everybody seriously interested in that should dig in the mailing list archive of the openss-users list and OpenSSL blog for postings about FIPS compliance.

Be prepared for tons of unrealistic requirements. Steve Marquess' e-mails about FIPS sent to openssl-users usually begin with:

"As always, if you don't care about FIPS 140 then count yourself lucky and move on."

Ciao, Michael.