Permalink
Browse files

doc: simplify and clarify FIPS text in BUILDING.md

PR-URL: #17538
Fixes: #17536
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Reviewed-By: Jon Moss <me@jonathanmoss.me>
  • Loading branch information...
Trott authored and gibfahn committed Dec 7, 2017
1 parent ac6f345 commit dcee5edef795126d72d21e70b8d0924ef0cb9399
Showing with 6 additions and 10 deletions.
  1. +6 −10 BUILDING.md
View
@@ -347,17 +347,13 @@ as `deps/icu` (You'll have: `deps/icu/source/...`)
## Building Node.js with FIPS-compliant OpenSSL
NOTE: Windows is not yet supported
It is possible to build Node.js with the
[OpenSSL FIPS module](https://www.openssl.org/docs/fipsnotes.html) on POSIX
systems. Windows is not supported.
It is possible to build Node.js with
[OpenSSL FIPS module](https://www.openssl.org/docs/fipsnotes.html).
**Note**: building in this way does **not** allow you to claim that the
runtime is FIPS 140-2 validated. Instead you can indicate that the runtime
uses a validated module. See the
[security policy](http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140sp/140sp1747.pdf)
page 60 for more details. In addition, the validation for the underlying module
is only valid if it is deployed in accordance with its
Building in this way does not mean the runtime is FIPS 140-2 validated, but
rather that the runtime uses a validated module. In addition, the validation for
the underlying module is only valid if it is deployed in accordance with its
[security policy](http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140sp/140sp1747.pdf).
If you need FIPS validated cryptography it is recommended that you read both
the [security policy](http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140sp/140sp1747.pdf)

0 comments on commit dcee5ed

Please sign in to comment.