This is a case study of the Federal Information Processing Standards (FIPS) 140-2 validation of the OpenSSL FIPS Object
Module that led to certificate #1747 (initially awarded on June 27, 2012). This case study documents what happened
during the validation, including identifying lessons learned for future projects. OpenSSL is a cryptographic library
available through an open source software (OSS) license. The Defense Advanced Research Projects Agency (DARPA)
provided funding for the evaluation of the OpenSSL FIPS module for two platforms in 2011 through 2012. Once DARPA
committed to this initial funding, many other organizations (both government and private) joined the evaluation project by
providing additional funding. Overall, this demonstrates that when organizations pool their resources, they can achieve
far more than any one of them would have been willing to do on its own.