The original OpenSSL, 2004. Being certified by IBM Domus lab Ottawa. US navy paid for the certification and the US army for the coding (or vice versa). It needed FIPS-140 certification which technically didn’t cover the random number generator. They passed all the tests, but when asked about the random number generator algorithm since the comments didn’t match the code, “everything went to shit”
Can you give a little bit more information what branch that was, and what the time frame it is we’re speaking about? Thank you very much.
Asked for the details - here they are:
The original OpenSSL, 2004. Being certified by IBM Domus lab Ottawa. US navy paid for the certification and the US army for the coding (or vice versa). It needed FIPS-140 certification which technically didn’t cover the random number generator. They passed all the tests, but when asked about the random number generator algorithm since the comments didn’t match the code, “everything went to shit”