[Openvas-devel] Start: replacing OpenSSL by GNU/TLS

Jan-Oliver Wagner jan-oliver.wagner at intevation.de
Wed Mar 21 00:18:18 CET 2007


On Tuesday 20 March 2007 23:25, Norm Donovan wrote:
> What is the practical impact of OpenSSL being FIPS approved?  Is GNU/TLS
> not FIPS approved?  How does one get FIPS approval?  Since Tenable must
> have removed OpenSSL from Nessus3 is Nessus3 not FIPS approved?

not sure about FIPS. IIUC, this is only relevant for USA?

But interesting point about OpenSSL removed from Nessus3.
Probably they found another implementation they could more easily
(in legal aspects) integrate or even implemented SSL themselves.
Those advertisement clauses as OpenSSL requires are really not easy
to handle and are another good reason to get rid of OpenSSL.
At least this tells us it is doable to replace OpenSSL ;-)

Best

	Jan

-- 
Dr. Jan-Oliver Wagner                                   Intevation GmbH
Amtsgericht Osnabrück, HR B 18998             http://www.intevation.de/
Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner



More information about the Openvas-devel mailing list