AST Feb 2020 Magazine AST Feb 2020 Magazine

ing against 140-2 have been www.AmericanSecurityToday.com slowed and the year ahead will likely see longer queue times than usual. usual . 1.0.2 does include FIPS mode, February 2019 - Edition 41 but was designated for End of Life as of 12/31/2019 and no further support, security fixes, fixes , or patches will be released pub- That waiting game will pale licly by OpenSSL. next to the difficulties en- This created a diabolical gineers are experiencing in Catch-22 for vendors who have 2020 with OpenSSL OpenSSL, , the world’s already completed certifications most widely used open source like FedRAMP or Common Crite- cryptographic architecture. ria with OpenSSL included. included . OpenSSL’s current version is 1.1.1, but it does not support FIPS mode operation, operation , leaving vendors reliant on the older 1.0.2 architecture. If they replace the 1.0.2 stack, the certification is no longer val- id. If they leave it in, in , it must be patched in the event of CVE an- nouncement. 59

AST Feb 2020 Magazine AST Feb 2020 Magazine | Page 59