[Openvas-devel] Start: replacing OpenSSL by GNU/TLS

Randal T. Rioux randy at procyonlabs.com
Mon Mar 26 16:29:50 CEST 2007


Norm Donovan wrote:
> What is the practical impact of OpenSSL being FIPS approved?  Is GNU/TLS
> not FIPS approved?  How does one get FIPS approval?  Since Tenable must
> have removed OpenSSL from Nessus3 is Nessus3 not FIPS approved?
> 
> In any case it sounds like easiest decision is to try to replace OpenSSL
> with GNU/TLS so we can move the project on.
> 

Lack of FIPS certification won't have a negative impact. Just because
Nessus uses OpenSSL doesn't mean it fulfills that requirement - since
OpenSSL requires the FIPS patch for this purpose.

It is just a plus. A nice to have. But not worth licensing issues.

If the OpenSSL folks want to be difficult, then screw them. GNU/TLS
seems to be a more foreword looking product anyway.

randy



More information about the Openvas-devel mailing list