[Openvas-devel] Start: replacing OpenSSL by GNU/TLS
Randal T. Rioux
randy at procyonlabs.com
Mon Mar 26 16:29:50 CEST 2007
Norm Donovan wrote:
> What is the practical impact of OpenSSL being FIPS approved? Is GNU/TLS
> not FIPS approved? How does one get FIPS approval? Since Tenable must
> have removed OpenSSL from Nessus3 is Nessus3 not FIPS approved?
> In any case it sounds like easiest decision is to try to replace OpenSSL
> with GNU/TLS so we can move the project on.
Lack of FIPS certification won't have a negative impact. Just because
Nessus uses OpenSSL doesn't mean it fulfills that requirement - since
OpenSSL requires the FIPS patch for this purpose.
It is just a plus. A nice to have. But not worth licensing issues.
If the OpenSSL folks want to be difficult, then screw them. GNU/TLS
seems to be a more foreword looking product anyway.
More information about the Openvas-devel