I am not a FIPs expert but a quick read seems to include just software. For example, openssl has FIPS validated modules? https://wiki.openssl.org/index.php/FIPS_modules. And by ensuring you are using a FIPS validated module allows you to say your software is FIPS "compliant".
Regards, brian On Tue, Sep 17, 2019 at 9:44 AM Stephane Bortzmeyer <bortzme...@nic.fr> wrote: > On Tue, Sep 17, 2019 at 09:14:54AM -0400, > Brian Sullivan <brian.sulli...@lookout.com> wrote > a message of 57 lines which said: > > > I have a question from our compliance team, is dnsdist FIPS 140-2 > compliant? > > I thought that FIPS-140 was about the security of hardware? With > FIPS-140-2 requiring tamper evidence? > -- Brian M. Sullivan Senior Staff Security Intelligence Engineer bsulli...@lookout.com | www.lookout.com
_______________________________________________ dnsdist mailing list dnsdist@mailman.powerdns.com https://mailman.powerdns.com/mailman/listinfo/dnsdist