On Oct 15, 2019, at 12:26 PM, Markus Falb <markus.f...@fasel.at> wrote:
> 
> I guess that I would get an A rating from ssllabs.

None of my CentOS systems have Internet-facing HTTP, much less HTTPS, so I 
volunteer you to test it and report back. :)

> I read you saying that FIPS 140-2 is not good enough. Apart from age, why?

It requires that a conforming application speak only protocols that NIST has 
approved, and even then, you can only get FIPS 140-2 certification by 
submitting the software to a third-party validation service, which is very 
expensive and very time consuming.  (I’m seeing numbers like 9 months and US 
$100,000.)  After going through all of that, you aren’t allowed to make *any* 
changes to the covered parts of the software without going through another 
validation process.  

Let’s say you’re a software vendor and someone discovers a vulnerability not 
caught by the FIPS certification process.  You’re a good citizen, so you fix it 
quickly and release that fix promptly.  Then you must re-file for a new 
certification (more $$$) and then wait for the independent testing lab and NIST 
to take months to re-certify your software.  Meanwhile, those insisting on FIPS 
mode have to use the known-vulnerable version — which probably has a public CVE 
filed against it, thus cluing potential attackers into the problem — because 
the new one isn’t FIPS-certified yet.

For another example, elliptic curve crypto is currently getting very popular 
for various reasons, but not all common curve parameters are NIST-certifiable 
under FIPS 140-2.  If you must communicate with an ECC service using 
non-certified params, you either cannot run your app in FIPS mode or you have 
to separately get the other end to become FIPS-certified, which means 
abandoning those params, which might be better than what you can get under FIPS.

Again, I invite you to do a web search for people running into trouble trying 
to get FIPS-mode apps to communicate with non-FIPS-mode apps.  It’s not hard to 
find people running into problems here.

Here’s some I found:

    
    https://blogs.technet.microsoft.com/secguide/2014/04/07/why-were-not-recommending-fips-mode-anymore/
    https://blogs.oracle.com/security/fips-the-crypto-catch-22
    https://bugs.chromium.org/p/chromium/issues/detail?id=194867

If giants like Microsoft, Google, and Oracle are having trouble getting and 
maintaining their FIPS certifications, what hope do us little guys have?

If you don’t like responses from big corporations, here’s some clueful 
developers discussing the problems:

    https://news.ycombinator.com/item?id=7635321

I don’t have a problem with independent testing and such per se, but when it’s 
a regulatory gatekeeper to what software *can* be written and used, it’s a 
problem when it comes to security.  If we’ve learned anything about security in 
these past decades, it’s that fast reaction to vulnerabilities is critical.
_______________________________________________
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos
