------=_Part_31779_12013386.1159907519239
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline

OpenSSL Development Team,

When do you expect that a NIST certified version of AES will be released in
OpenSSL? I notice from the NIST reference website of validated AES
implementations that version 1.1 FIPS Object Module Library was validated o=
n
7/20/2006. Is this version included in any of the new releases?

Thanks,

Chip Masters

On 9/28/06, Mark J Cox wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
>
> OpenSSL version 0.9.8d and 0.9.7l released
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3 D=3D=3D=3D=3D=3D=3D=

=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3 D=3D=3D
>
> OpenSSL - The Open Source toolkit for SSL/TLS
> http://www.openssl.org/
>
> The OpenSSL project team is pleased to announce the release of
> version 0.9.8d of our open source toolkit for SSL/TLS. This new
> OpenSSL version is a security and bugfix release and incorporates
> changes and bugfixes to the toolkit. For a complete list of
> changes, please see http://www.openssl.org/source/exp/CHANGES.
>
> This release fixes four security vulnerabilities, CVE-2006-2937,
> CVE-2006-2940, CVE-2006-3738, CVE-2006-4343. Please see
> http://www.openssl.org/news/secadv_20060928.txt
>
> We also release 0.9.7l, which contains the security update and
> bugfixes compared to 0.9.7k.
>
> We consider OpenSSL 0.9.8d to be the best version of OpenSSL
> available and we strongly recommend that users of older versions
> upgrade as soon as possible. OpenSSL 0.9.8d is available for
> download via HTTP and FTP from the following master locations (you
> can find the various FTP mirrors under
> http://www.openssl.org/source/mirror.html):
>
> * http://www.openssl.org/source/
> * ftp://ftp.openssl.org/source/
>
> For those who want or have to stay with the 0.9.7 series of
> OpenSSL, we strongly recommend that you upgrade to OpenSSL 0.9.7l
> as soon as possible. It's available in the same location as
> 0.9.8d.
>
> The distribution file names are:
>
> o openssl-0.9.8d.tar.gz
> MD5 checksum: 8ed1853538e1d05a1f5ada61ebf8bffa
> SHA1 checksum: 4136fba00303a3d319d2052bfa8e1f09a2e12fc2
>
> o openssl-0.9.7l.tar.gz
> MD5 checksum: b21d6e10817ddeccf5fbe1379987333e
> SHA1 checksum: f0e4136639b10cbd1227c4f7350ff7ad406e575d
>
> The checksums were calculated using the following commands:
>
> openssl md5 openssl-0.9.*.tar.gz
> openssl sha1 openssl-0.9.*.tar.gz
>
> Yours,
>
> The OpenSSL Project Team...
>
> Mark J. Cox Nils Larsch Ulf M=F6ller
> Ralf S. Engelschall Ben Laurie Andy Polyakov
> Dr. Stephen Henson Richard Levitte Geoff Thorpe
> Lutz J=E4nicke Bodo M=F6ller
>
>
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.2.2 (GNU/Linux)
>
> iQCVAwUBRRvCTe6tTP1JpWPZAQIRbgP/aIb5s19eiSBrdGpSy36Ce1piAtBfqPPM
> Bw/j9Y6fWTQYS5z/ZNDnFLmbQw269bR5nYIMT6da5dyKmSt9v6dUJHdQXI7i/gf4
> o3JPEZwqRqqz1tyhhBNFMNAx3hV73noLOXUUuak+2Zw9VtKGTb 4HoRGGmXq8VUSn
> zeeX2KgXEwg=3D
> =3DfiHy
> -----END PGP SIGNATURE-----
>
> __________________________________________________ ____________________
> OpenSSL Project http://www.openssl.org
> Development Mailing List openssl-dev@openssl.org
> Automated List Manager majordomo@openssl.org
>


------=_Part_31779_12013386.1159907519239
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline

OpenSSL Development Team,

When do you expect that a NIST certified v=
ersion of AES will be released in OpenSSL? I notice from the NIST reference=
website of validated AES implementations that version 1.1 FIPS Object Modu=
le Library was validated on 7/20/2006. Is this version included in any of t=
he new releases?


Thanks,

Chip Masters


>On 9/28/06, Mark J Cox <
ilto:mark@awe.com">mark@awe.com
> wrote:
mail_quote" style=3D"border-left: 1px solid rgb(204, 204, 204); margin: 0pt=
0pt 0pt 0.8ex; padding-left: 1ex;">
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


   Op=
enSSL version 0.9.8d and 0.9.7l released
   =3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3 D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D

   OpenSSL - The Open So=
urce toolkit for SSL/TLS
   ">
http://www.openssl.org/


   The OpenSSL project team is=
pleased to announce the release of
   version 0.9.8d of our o=
pen source toolkit for SSL/TLS. This new
   OpenSSL version is=
a security and bugfix release and incorporates

   changes and bugfixes to the toolkit.  For a comp=
lete list of
   changes, please see ssl.org/source/exp/CHANGES">http://www.openssl.org/source/exp/CHANGES.<=
br>
   This release fixes four security vulnerabilities, CVE-2=
006-2937,

   CVE-2006-2940, CVE-2006-3738, CVE-2006-4343.  Pl=
ease see
   0928.txt">http://www.openssl.org/news/secadv_20060928.txt

 =
  We also release 0.9.7l, which contains the security update and

   bugfixes compared to 0.9.7k.

   We consid=
er OpenSSL 0.9.8d to be the best version of OpenSSL
   availab=
le and we strongly recommend that users of older versions
   u=
pgrade as soon as possible. OpenSSL=20
0.9.8d is available for
   download via HTTP and FTP from the =
following master locations (you
   can find the various FTP mi=
rrors under
   ..html">http://www.openssl.org/source/mirror.html
):

     * source/">http://www.openssl.org/source/
     * <=
a href=3D"ftp://ftp.openssl.org/source/">ftp://ftp.openssl.org/source/<=
br>
   For those who want or have to stay with the=20
0.9.7 series of
   OpenSSL, we strongly recommend that you upg=
rade to OpenSSL 0.9.7l
   as soon as possible.  It's=
available in the same location as
   0.9.8d.

 &nb=
sp; The distribution file names are:

    o=20
openssl-0.9.8d.tar.gz
      MD5 checksum: =
8ed1853538e1d05a1f5ada61ebf8bffa
      SHA=
1 checksum: 4136fba00303a3d319d2052bfa8e1f09a2e12fc2

  &nb=
sp; o openssl-0.9.7l.tar.gz
      MD5=
checksum: b21d6e10817ddeccf5fbe1379987333e

      SHA1 checksum: f0e4136639b10cbd1227=
c4f7350ff7ad406e575d

   The checksums were calculated usin=
g the following commands:

    openssl md5 openss=
l-0.9.*.tar.gz
    openssl sha1 openssl-0.9.*.tar.gz=



   Yours,

   The OpenSSL Project Team...
=

    Mark J. Cox      =
       Nils Larsch    &nb=
sp;    Ulf M=F6ller
    Ralf S. Engel=
schall     Ben Laurie     &nbs=
p;    Andy Polyakov
    Dr. Step=
hen Henson      Richard Levitte  &n=
bsp;  Geoff Thorpe

    Lutz J=E4nicke     &nb=
sp;      Bodo M=F6ller



-----BE=
GIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iQCVAw=
UBRRvCTe6tTP1JpWPZAQIRbgP/aIb5s19eiSBrdGpSy36Ce1piAtBfqPPM
Bw/j9Y6fWTQYS=
5z/ZNDnFLmbQw269bR5nYIMT6da5dyKmSt9v6dUJHdQXI7i/gf4

o3JPEZwqRqqz1tyhhBNFMNAx3hV73noLOXUUuak+2Zw9VtKGTb 4HoRGGmXq8VUSn
zee=
X2KgXEwg=3D
=3DfiHy
-----END PGP SIGNATURE-----

______________=
__________________________________________________ ______
OpenSSL Project=
            &nb=
sp;            =
       =20
http://www.openssl.org
Developmen=
t Mailing List          &=
nbsp;            href=3D"mailtopenssl-dev@openssl.org">openssl-dev@openssl.org
Auto=
mated List Manager         &nb=
sp;            =
    =20
majordomo@openssl.org
ckquote>



------=_Part_31779_12013386.1159907519239--
__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majordomo@openssl.org