On 01/03/2014 11:01 AM, Adrian Sevcenco wrote: > i was just blew away by this: > "What almost all commentators have missed is > that hidden away in the small print (and subsequently confirmed by our > specific query) is that if you want to be FIPS 140-2 compliant you MUST > use the compromised points." > > i even don't have words to comment on this!!! I tweeted about this exact point a few minutes ago; given the way and what is compromised in what manner, and then work back to what FIPS is, it helps dilute the shock. a bit. but then who's got the funds and resources to re-work the fips process with a new codebase ? Will Red Hat ? - KB -- Karanbir Singh +44-207-0999389 | http://www.karan.org/ | twitter.com/kbsingh GnuPG Key : http://www.karan.org/publickey.asc