[Openswan dev] any plans to get FIPS certification?

[Paul Wouters]

On Thu, 2 Oct 2008, Knoke, Jim wrote:

> For all the crypto and RNG algorithms used for IPsec? 

RNG should already be FIPS-140 compliant if you run the rngd.

> Or any other suggestions for how to get a FIPSed, open source IPsec
> solution going on Linux?

There is an effort on its way to use fips certified libraries for crypto
related calls (gnutls or openssl). Contact me for more information.

Paul