Update status.

author: Dr. Stephen Henson <steve@openssl.org> 2011-05-04 20:43:32 +0200
committer: Dr. Stephen Henson <steve@openssl.org> 2011-05-04 20:43:32 +0200
commit: c9adde0699c140840572f3bae976b8bae94fc7af (patch)
tree: ff4ddff12c3f2ee20453631771ec6215eb3fd9b3 /README.FIPS
parent: Remove debugging print. (diff)
download: openssl-c9adde0699c140840572f3bae976b8bae94fc7af.tar.xz
openssl-c9adde0699c140840572f3bae976b8bae94fc7af.zip
1 files changed, 2 insertions, 8 deletions
diff --git a/README.FIPS b/README.FIPS
index e0c11c2956..3b51d4de45 100644
--- a/README.FIPS
+++ b/README.FIPS
@@ -76,14 +76,8 @@ Known issues:
 
 Algorithm tests are pre-2011.
 The fipslagtest.pl script wont auto run new algorithm tests such as DSA2.
-Usage of ECDH/DH needs review and whether any KDFs need to be implemented.
-Selftests need updating with larger key sizes in some cases and redundant
-tests pruned.
-SP800-90 DRBG needs more work: check for compliance, continuous PRNG test
-when entropy gathering, periodic health tests.
-Some algorithms need to check security strength of PRNG: keygen etc.
-No CCM.
-No XTS.
+Code needs extensively reviewing to ensure it builds correctly on 
+supported platforms and is compliant with FIPS 140-2.
 The "FIPS capable OpenSSL" is not yet complete: meaning that the rest of
 OpenSSL doesn't always use the correct FIPS module APIs and block others
 in FIPS mode.
author	Dr. Stephen Henson <steve@openssl.org>	2011-05-04 20:43:32 +0200
committer	Dr. Stephen Henson <steve@openssl.org>	2011-05-04 20:43:32 +0200
commit	c9adde0699c140840572f3bae976b8bae94fc7af (patch)
tree	ff4ddff12c3f2ee20453631771ec6215eb3fd9b3 /README.FIPS
parent	Remove debugging print. (diff)
download	openssl-c9adde0699c140840572f3bae976b8bae94fc7af.tar.xz openssl-c9adde0699c140840572f3bae976b8bae94fc7af.zip