[pixl97]

Open, closed, it's all a bunch of fun getting working in FIPS mode. Especially 3rd party applications. They'll call a library, that calls a library that uses something not compliant.

While FIPS is a pain in the ass, can show you potential failures your software has with using ancient crypto methods that are easy to enable and completely compromise the security of your software.

[chii]

but i think there's some requirements in FIPS that are really just checkbox rather than actual security. I suppose it's easier to have a list of checkboxes to tick from a compliance perspective.