I don't know why they care about it, but yes it will take long time: https://www.openssl.org/blog/blog/2017/08/17/fips/
On Fri, Aug 18, 2017 at 8:41 PM, Alexander Kanavin < [email protected]> wrote: > On 08/18/2017 08:56 PM, Mark Hatle wrote: > >> Even with that patch to rename openssl10 back to openssl we still need to >>> solve >>> the openssl-native which wasn't reverted back to 1.0. >>> >>> Upstream nodejs isn't going to be openssl-1.1 for a bit longer as >>> explained: >>> https://github.com/nodejs/node/pull/14761 >>> >> >> I wanted to pull out a specific comment from the above link that shows >> one of >> the reasons why OpenSSL 1.1 support is delayed by many: >> >> 7 days ago: shigeki commented: >> >>> We're also waiting for FIPS support of 1.1.x. They are now working on it >>> as https://www.openssl.org/blog/blog/2017/07/25/fips/.> ... >>> >> >> Until the OpenSSL 1.1.x FIPS work is further along, a lot of projects >> (and major >> distributions) are going to wait to deploy it. >> > > What I don't understand is why node even cares about FIPS? FIPS compliance > is needed to win software supplier contracts with one certain government; I > haven't seen any other reasons. > > Another point is that getting FIPS done will take a very long time, > possibly two years or more, and this work is just starting now with no > clear funding or completion date (see the openssl blog link). Meanwhile, > all major desktop linux distros have 1.1 by default already; seems to me > that they don't care. > > Alex >
-- _______________________________________________ Openembedded-core mailing list [email protected] http://lists.openembedded.org/mailman/listinfo/openembedded-core
