OpenSSL loses FIPS 140-2 Certification

OhHellWithIt writes "Government Computer News reported on Tuesday that OpenSSL has lost FIPS 140-2 certification, only six months after receiving it. It sounds like bad news for those of us who would like to see open source gain more of a foothold in U.S. federal workplaces." Readers have updated this story with an update saying the certification has shifted again.

Re:Reasons Not Given?

[smooth+wombat]

Normal operating procedure. Years ago, when I applied for a position with an unnamed 3-letter agency, I gave them several, double-sided, sheets of information going back ten years. Went through the whole process of urine testing, blood analysis, polygraph (twice), and psychological evaluation (bubble test and actual person). After all was said and done I received notice that I would not proceed to the next stage.

I wrote a letter requesting the specific reason for this and was told that that information was proprietary and might disclose operational procedures.

So let's review. I give them almost 20 pages of documentation, agree that they can ask questions about me from family members, relatives,neighbors, etc., agree to let them do a credit check on me and contact other law enforcement agencies to see if I have a record, answer an entire booklet of psychological questions, undergo two polygraph tests, a blood test and urinalysis and they won't tell me how they came to their decistion because in doing so it might reveal how they gather the information.

Um, yeah.