> On Fri, Sep 05, 2003 at 04:05:07PM -0400, Rich Salz wrote:
> > It is the first *source code* certification.
> The ability to do this runs counter to my understanding of FIPS 140-2.

Sure, that's why it's *the first.*  They have never done this before,
and it is very different to how they (or their Ft Meade experts) have
done things before.  I suppose one could argue that they're doing
this for Level 1 to increase the industry demand for Level 2,
but I'm not that paranoid.  I think they finally "get it."   Also,
while I don't know anything beyond what's in the public email, but
based on the initial refeference platform I'll jump to some conclusions
about who's involved, and they're folks with a great deal of credibility,
experience, and influence in export and govt crypto issues.

Anyhow, if you are interested in details, read the articles (3 at
last check) in the thread from the original URL I posted.  You did
read before posting, right? :)

Rich Salz                  Chief Security Architect
DataPower Technology       http://www.datapower.com
XS40 XML Security Gateway  http://www.datapower.com/products/xs40.html
XML Security Overview      http://www.datapower.com/xmldev/xmlsecurity.html

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to