Submission + - OpenSSL FIPS Validation Delayed by FUD
nile_list writes: "Linux.com reports that OpenSSL regained its FIPS 140-2 validation, required for crypto software used by the government to handle sensitive data. It took them over 5 years what usually takes a few months. One of the complications was new testing procedures and the fact that users can compile OpenSSL with different functionality, resulting in needing to test the actual source code instead of just binaries. The other: 'According to John Weathersby, executive director for OSSI, several proprietary software companies with similar products mounted a campaign to delay, if not totally derail, the validation of an open source SSL toolkit.' Among the complaints sent to the testing body was fear of Commie code: 'Apparently, OpenSSL was accused of having "Communist code" in it simply because a developer in Russia had worked on it.'"