I'm a govt contractor on a web application project, and:
I recently upgraded to a utilization of version 5.1.2, since I had read that at
least version 5 was required for FIPS compliance.
I have noted that there are other algorithms in the code besides those that are
FIPS compliant.
I just saw a post from Paulo on another forum site indicating that MD5 was
required for PDF generation.
My server environment will eventually, probably within six months, require the
"Enable FIPS compliance" flag to be turned ON.
When the FIPS flag is on, ANY code that references non-compliant encryption
algorithms will break, EVEN IF those references are not utilized or called from
my application.
So, has anyone created a port of the latest iTextSharp that really IS FIPS
compliant? Or at the very least, has anyone determined how to make the
existing code really WORK with the FIPS compliance flag being turned to "on"?
I'm assuming that if I just comment out the references to non-compliant
algorithms, it should work; but is Paulo's statement about MD5 being required
still true? Do I need to consider a different PDF creation solution?
Thanks for your help in advance.
Paul
------------------------------------------------------------------------------
RSA(R) Conference 2012
Save $700 by Nov 18
Register now
http://p.sf.net/sfu/rsa-sfdev2dev1
_______________________________________________
iText-questions mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/itext-questions
iText(R) is a registered trademark of 1T3XT BVBA.
Many questions posted to this list can (and will) be answered with a reference
to the iText book: http://www.itextpdf.com/book/
Please check the keywords list before you ask for examples:
http://itextpdf.com/themes/keywords.php
