[Info-vax] VSI has released 9.2-1

Dan Cross cross at spitfire.i.gajendra.net
Wed Jul 5 21:43:20 EDT 2023 

In article <u84l3q$kcjd$1 at dont-email.me>,
Arne Vajhøj  <arne at vajhoej.dk> wrote:
>On 7/5/2023 4:33 PM, Arne Vajhøj wrote:
>> On 7/5/2023 2:23 PM, Simon Clubley wrote:
>>>  From https://docs.vmssoftware.com/docs/VSI_Webinar_March_2022.pdf in the
>>> OpenSSL section:
>>>
>>> |Working on new entropy engine that will work with OpenSSL 3.0 to help
>>> |facilitate FIPS 140-x compliance
>>>
>>> |SSL3 is also a key component of VSI's security roadmap to ensure that 
>>> the
>>> |OpenVMS operating system and applications running on OpenVMS are able 
>>> meet
>>> |relevant security requirements by supporting specific features such 
>>> as FIPS.
>> 
>> That is actually interesting.
>> 
>> Per:
>> 
>> https://www.openssl.org/docs/fips.html
>> https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4282
>> 
>> then OpenSSL is FIPS 140-2 certified on:
>> 
>> <quote>
>>      Debian 11.5 running on Dell Inspiron 7591 with Intel i7(x86) with PAA
>>      Debian 11.5 running on Dell Inspiron 7591 with Intel i7(x86) 
>> without PAA
>>      FreeBSD 13.1 running on Dell Inspiron 7591 with Intel i7(x64) with PAA
>>      FreeBSD 13.1 running on Dell Inspiron 7591 with Intel i7(x64) 
>> without PAA
>>      macOS 11.5.2 running on Apple i7 Mac Mini with Intel i7(x64) with PAA
>>      macOS 11.5.2 running on Apple i7 Mac Mini with Intel i7(x64) 
>> without PAA
>>      macOS 11.5.2 running on Apple M1 Mac Mini with M1 with PAA
>>      macOS 11.5.2 running on Apple M1 Mac Mini with M1 without PAA 
>> (single-user mode)
>>      Ubuntu Linux 22.04.1 LTS running on Dell Inspiron 7591 with Intel 
>> i7(x64) with PAA
>>      Ubuntu Linux 22.04.1 LTS running on Dell Inspiron 7591 with Intel 
>> i7(x64) without PAA
>>      Windows 10 running on Dell Inspiron 7591 with Intel i7(x64) with PAA
>>      Windows 10 running on Dell Inspiron 7591 with Intel i7(x64) without 
>> PAA
>> </quote>
>> 
>> Maybe VSI want VMS on that list.
>
>But I wonder.
>
>How will VSI get FIPS 140-2 certification for VMS x86-64 if they only
>support running in VM not on physical hardware??

Virtual Machines, by definition, run most of their instructions
on the physical hardware, including in kernel mode.  Running in
a VM does not preclude one from access to high-quality hardware
facilitated entropy sources a priori.

	- Dan C.

More information about the Info-vax mailing list