I see that NSS can be used for a number of applications in order to make
those apps FIPS-certified, but I'm not clear on whether it can be used
for IPsec. Will an IKE daemon like raccoon actually use the NSS stuff?
Would ESP functionality buried in the network stack use the NSS
algorithms? I'm not sure how all this stuff fits together.
I am trying to put together an IPsec solution for government customers
who want the algorithms to be FIPS approved. I'd like to use open source
software and Linux. I'm not seeing other native and open source crypto
stuff for Linux that is FIPS certified, except for OpenSSL. And I'm
thinking that OpenSSL can't help me with an IPsec implementation, but
maybe I'm wrong.
Thanks for any help.
**********
The information contained in this communication is confidential and privileged
proprietary information intended only for the personal and confidential use of
the individual or entity to whom it is addressed. If you are not the addressee
indicated in this message (or an agent responsible for delivery of the message
to such person), you are hereby notified that you have received this
communication in error and that any review, dissemination, copying or
unauthorized use of this message is strictly prohibited. In such case, you
should destroy this message and kindly notify the sender by email.
Please advise immediately if you or your employer do not consent to Internet
email for messages of this kind. Opinions, conclusions and other information in
this message that do not relate to the official business of Cryptek shall be
understood as neither given nor endorsed by it. It is Cryptek's policy that
emails are intended for and should be used for business purposes only.
**********
_______________________________________________
dev-tech-crypto mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-tech-crypto
