You are viewing a plain text version of this content. The canonical link for it is here.

Posted to cvs@httpd.apache.org by wr...@apache.org on 2005/06/06 18:40:11 UTC

svn commit: r180338 - /httpd/httpd/branches/ssl-fips-dev/README

Author: wrowe
Date: Mon Jun  6 09:40:09 2005
New Revision: 180338

URL: http://svn.apache.org/viewcvs?rev=180338&view=rev
Log:
Explain this branch in the README while in-process

Modified:
    httpd/httpd/branches/ssl-fips-dev/README

Modified: httpd/httpd/branches/ssl-fips-dev/README
URL: http://svn.apache.org/viewcvs/httpd/httpd/branches/ssl-fips-dev/README?rev=180338&r1=180337&r2=180338&view=diff
==============================================================================
--- httpd/httpd/branches/ssl-fips-dev/README (original)
+++ httpd/httpd/branches/ssl-fips-dev/README Mon Jun  6 09:40:09 2005
@@ -1,3 +1,20 @@
+WORKING COPY httpd/branches/ssl-fips-dev
+
+ This sandbox is for development around the FIPS 140-2 standard as implemented
+ by Ben Laurie and team of OpenSSL with the 0.9.7 verisons.  The effort for
+ OpenSSL FIPS certification is coordinated by the Open Source Software
+ Institute.  OpenSSL 0.9.7 is in the process of certification testing.  See:
+
+ http://oss-institute.org/index.php?option=content&task=view&id=109
+
+ The crypto layer, itself, is the object of certification.  In this case,
+ that is encompased in libcrypto.so.  But libcrypto.so needs to be told to
+ enforce FIPS 140 policy, and mod_ssl needs to be adjusted to the FIPS 140
+ subset of permitted cryptography.
+
+ This effort is initially coordinated by Ben Laurie and Will Rowe; of course
+ all voulenteers and feedback are welcome.
+
 SYNOPSIS
 
  This Apache module provides strong cryptography for the Apache 2 webserver