Monthly Archives: July, 2015

  1. Major FIPS Flaw in OpenSSL

    OpenSSL is the most widely deployed crypto library in the world. Most ICT companies use OpenSSL in one one way or another. Thus the FIPS validation of OpenSSL has been tremendously useful to the industry as it provides a handy shortcut to FIPS compliance. However, the openSSL FIPS validation is not without issues. The original Read More…

  2. Real world impact of CSfC

    Couple of weeks back I had the pleasure of attending the IAS 2015 symposium hosted by IAD. It was my first time attending this symposium and it was interesting to interface with the end user community who procure and use, on a daily basis, the products we certify. We as evaluators do not get exposure Read More…

  3. OPENSSL: SEVERE UNDISCLOSED BUG

    A new version of OpenSSL, the open-source software widely used to encrypt internet communications using SSL/TLS, is due to be released this Thursday July 9th, patching a “high severity” vulnerability. The developers of OpenSSL posted the following announcement to their message boards at openssl.org – “The OpenSSL project team would like to announce the forthcoming Read More…