Re: [FDE] FDE Digest, Vol 20, Issue 3

Tue, 06 May 2008 08:39:00 -0700 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Looks like in WinXP, it does this:

Determines if the TLS/SSL Security Provider supports only the
TLS_RSA_WITH_3DES_EDE_CBC_SHA cipher suite. In effect, this means that the
provider only supports the TLS protocol as a client and as a server (if
applicable). It uses only the Triple DES encryption algorithm for the TLS
traffic encryption, only the RSA public key algorithm for the TLS key
exchange and authentication, and only the SHA-1 hashing algorithm for the
TLS hashing requirements.

For Encrypting File System Service (EFS), it supports only the Triple DES
encryption algorithm for encrypting file data supported by the Windows NTFS
File System. By default, the Encrypting File System Service (EFS) uses the
DESX algorithm for encrypting file data.
- --

Vista uses AES instead of DESX, so in Vista the EFS uses 3DES instead of
AES.

So, enabling FIPS for cryptographic providers seems slower and less secure.
I guess I won't be enabling it then.

- - G


- ----- Original Message ----- 
From: Albert 
To: fde@www.xml-dev.com 
Sent: Tuesday, May 06, 2008 5:32 AM
Subject: Re: [FDE] FDE Digest, Vol 20, Issue 3


in my experience, enabling fips mode blocks web access to websites using
ssl2


2008/5/3 <[EMAIL PROTECTED]>:

Send FDE mailing list submissions to
       fde@www.xml-dev.com

To subscribe or unsubscribe via the World Wide Web, visit
       http://www.xml-dev.com/mailman/listinfo/fde
or, via email, send a message with subject or body 'help' to
       [EMAIL PROTECTED]

You can reach the person managing the list at
       [EMAIL PROTECTED]

When replying, please edit your Subject line so it is more specific
than "Re: Contents of FDE digest..."


Today's Topics:

  1. Re: FIPS 140-2: When operated in FIPS mode? (Flagstone,
     Spyrus,   Utimaco, Poinsect, MobileArmor) (Ali, Saqib)
  2. Re: Fujistu announces 2,5 inch SATA HDD with FDE
     (Garrett M. Groff)
  3. FIPS vs. non-FIPS modes (Robert Jueneman)



-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.6.2 (Build 2014) - not licensed for commercial use: 
www.pgp.com

wj8DBQFIIHaZSGIRT5oVahwRAtRwAKDWdgc8PgP1TMHusK+JnbU7sOTjswCgiqHB
HqQRNVr156D1R8i8coUsWMc=
=znGA
-----END PGP SIGNATURE-----

_______________________________________________
FDE mailing list
FDE@www.xml-dev.com
http://www.xml-dev.com/mailman/listinfo/fde

Reply via email to