As reported in Cipher EI #20, February 10, 1997, FIPS 140-1 implementation requires that, after 31 January 1997, "only FIPS 140-1 validated cryptographic modules will be considered as meeting the provisions of this standard." Prior to this deadline, it was acceptable to purchase modules that had been submitted for evaluation, but had not yet been validated, or modules that had simply been claimed by their makers to conform to the standard. A list of such modules and more details on the requirements can be found at http://csrc.nist.gov/fips/fips1401.htm
The US National Institute of Standards and Technology and the Communications Security Establishment of the Government of Canada are sponsoring a conference, Assuring Cryptographic Security: The Development, Validation, and Use of FIPS 140-1 Compliant Products in Gaithersburg, MD USA May 11-12, 1998. Conference Web page is http://csrc.nist.gov/cryptval/