Skip to content

Commit

Permalink
doc: simplify and clarify FIPS text in BUILDING.md
Browse files Browse the repository at this point in the history
PR-URL: #17538
Fixes: #17536
Reviewed-By: Luigi Pinca <[email protected]>
Reviewed-By: Michael Dawson <[email protected]>
Reviewed-By: Jon Moss <[email protected]>
  • Loading branch information
Trott authored and gibfahn committed Dec 20, 2017
1 parent fb33231 commit 8e4cb1b
Showing 1 changed file with 6 additions and 10 deletions.
16 changes: 6 additions & 10 deletions BUILDING.md
Original file line number Diff line number Diff line change
Expand Up @@ -351,17 +351,13 @@ as `deps/icu` (You'll have: `deps/icu/source/...`)

## Building Node.js with FIPS-compliant OpenSSL

NOTE: Windows is not yet supported
It is possible to build Node.js with the
[OpenSSL FIPS module](https://www.openssl.org/docs/fipsnotes.html) on POSIX
systems. Windows is not supported.

It is possible to build Node.js with
[OpenSSL FIPS module](https://www.openssl.org/docs/fipsnotes.html).

**Note**: building in this way does **not** allow you to claim that the
runtime is FIPS 140-2 validated. Instead you can indicate that the runtime
uses a validated module. See the
[security policy](http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140sp/140sp1747.pdf)
page 60 for more details. In addition, the validation for the underlying module
is only valid if it is deployed in accordance with its
Building in this way does not mean the runtime is FIPS 140-2 validated, but
rather that the runtime uses a validated module. In addition, the validation for
the underlying module is only valid if it is deployed in accordance with its
[security policy](http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140sp/140sp1747.pdf).
If you need FIPS validated cryptography it is recommended that you read both
the [security policy](http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140sp/140sp1747.pdf)
Expand Down

0 comments on commit 8e4cb1b

Please sign in to comment.