I am not a FIPs expert but a quick read seems to include just software. For
example, openssl has FIPS validated modules?
https://wiki.openssl.org/index.php/FIPS_modules. And by ensuring you are
using a FIPS validated module allows you to say your software is FIPS


On Tue, Sep 17, 2019 at 9:44 AM Stephane Bortzmeyer <bortzme...@nic.fr>

> On Tue, Sep 17, 2019 at 09:14:54AM -0400,
>  Brian Sullivan <brian.sulli...@lookout.com> wrote
>  a message of 57 lines which said:
> > I have a question from our compliance team, is dnsdist FIPS 140-2
> compliant?
> I thought that FIPS-140 was about the security of hardware? With
> FIPS-140-2 requiring tamper evidence?


Brian M. Sullivan
Senior Staff Security Intelligence Engineer
bsulli...@lookout.com |  www.lookout.com
dnsdist mailing list

Reply via email to