Openssl is validated by NIST which makes it fit for use by the US govt.

http://www.linux.com/article.pl?sid=07/02/08/1935232

strange that binary blobs can be certified easily while certifying source code is a problem.

True. But then again its not so strange as when you have multi billion dollar govt. contracts at stake ``certain" proprietary companies will go to any length to keep an open standard out.

i mean some of the complaints by those companies(mainly to delay the validation) were downright ridiculous, e.g saying OpenSSL should not be used as it contains ``commie" i.e communist code written by a Russian developer. How the hell and in which universe is #include<stdio.h> classified as capitalist or communist?

Regards

- vihan