Todd Short

OK... how is this a FIPS change? I updated a minimal set of files; is the FIPS scope too broad?

> Nice to see people working on this. > > It's probably a bit overkill to expose a new public API to add arbitrary GREASE. I'd expect we'd want to...

References: https://github.com/openssl/openssl/pull/18186#discussion_r995620485 https://github.com/openssl/openssl/pull/19600#issuecomment-1302593687

> I wonder if a good API for this would just be to have calls to get and set a random seed, e.g. on a SSL_CTX. 64 bits would be...

ping @openssl/committers ?

I view environment variables as somewhat dangerous, because the exact same command may have different and unexpected behavior. This makes it harder to debug when issues arise. Having the commands...

@everettraven I had originally thought of flags (e.g. `--format=olmv1`) but it makes the help a bit convoluted, since only certain commands (e.g. `install` and `uninstall`) would support them. But it...

I am going to suggest another option. Use completely different keywords for OLMv1 vs. OLMv0. So while we have for OLMv0: `kubectl operator install` and `kubectl operator uninstall`. So, perhaps...

Or even `create` and `delete`, which are kubectl keywords.

None of the `EVP_PKEY_set1_XXX()` functions have their returns checked. Should `ENGINE_load_private_key()` always succeed regardless of the return values?