Re: Debian readline/libedit breakage

> * Charles.McDevitt@emc.com (Charles.McDevitt@emc.com) wrote:
> > Don't forget that OpenSSL has a FIPS-140 compliant version, and FIPS-140
> compliance is essential to many Federal users.
>
> Essential?  That's a bit much.  Yes, it shows up on a FISMA review as an
> open action item, but it's a risk that can both be accepted and
> mitigated.  I also thought FIPS-140 version required API changes..
>
> > GnuTLS doesn't qualify.
>
> That should be "doesn't currently"..
>

Doesn't currently?  Does that mean you know of a project to get FIPS certification for it?  I don't.

The current OpenSSL has a version that is (the only source-code-level FIPS-140 certification ever).
And yes, it is API compatible with the non-FIPS one.  It just doesn't support some of the algorithms that the other
does.

The GNU people will never be 100% satisfied by anything you do to psql, other than making it GPL.
Readline is specifically licensed in a way to try to force this (but many disagree with their ability to force this).