One Stop Package Deal for Private Label ValidationsIf you haven't already, please read our FIPS 140-2 Notes page.
IMPORTANT NOTE: Due to new formal requirements that are incompatible with the current code base, and until further notice, OSF is no longer performing private label validations.
What It IsWe have found that one of the most popular commercial services offered by the OpenSSL Software Foundation is the private label validation. It's not a business we ever planned to be in, but as the originators of the source code based OpenSSL FIPS Object Module validations, and with lots of practice, we've gotten pretty good at it. The revenue we earn from these validations supports the OpenSSL project, and for some validations also results in useful additions to the OpenSSL baseline.
What You GetFor the total fixed price of as little as US$35,000 we will obtain a Level 1 FIPS 140-2 validation in your name using the OpenSSL FIPS Object Module v2.0 for two common platforms using unmodified source code. A common platform is a computing device (hardware and operating system) that is available and familiar to us and the test lab(s). Examples of common platforms are:
Additional common platforms can be added to your validation for US$4000 (Linux/Unix/Android) or US$4500 (desktop/server Windows) each.
We will handle all interaction with the accredited testing lab and the CMVP. You sign one contract with the OSF with half of the price due as a down payment and the remainder due only when your certificate is posted by the CMVP.
Within two weeks of executing your contract with us, your pending validation will also appear on the pre-val list. The presence of your product on this list is sufficient to satisfy FIPS 140-2 requirements for some procurements.
This turnkey validation package is applicable in the following circumstances:
Note that we can still help you if not all of these circumstances apply, but we'll have to look at your specific situation more closely. Note minor software modifications can often be accommodated in a change letter modification.
Interested? Contact the OSF.