AST Feb 2020 Magazine AST Feb 2020 Magazine | Page 59
ing
against 140-2 have been
www.AmericanSecurityToday.com
slowed and the year ahead will
likely see longer queue times
than usual.
usual .
1.0.2 does include
FIPS
mode,
February 2019
- Edition
41
but was designated for End of
Life as of 12/31/2019 and no
further support, security fixes,
fixes ,
or patches will be released pub-
That waiting game will pale licly by OpenSSL.
next to the difficulties en-
This created a diabolical
gineers are experiencing in
Catch-22 for vendors who have
2020 with OpenSSL
OpenSSL, , the world’s
already completed certifications
most widely used open source
like FedRAMP or Common Crite-
cryptographic architecture.
ria with OpenSSL included.
included .
OpenSSL’s current version is
1.1.1, but it does not support
FIPS mode operation,
operation , leaving
vendors reliant on the older 1.0.2
architecture.
If they replace the 1.0.2 stack,
the certification is no longer val-
id. If they leave it in,
in , it must be
patched in the event of CVE an-
nouncement.
59