I am not a FIPs expert but a quick read seems to include just software. For example, openssl has FIPS validated modules? https://wiki.openssl.org/index.php/FIPS_modules. And by ensuring you are using a FIPS validated module allows you to say your software is FIPS "compliant".
Regards, brian On Tue, Sep 17, 2019 at 9:44 AM Stephane Bortzmeyer <[email protected]> wrote: > On Tue, Sep 17, 2019 at 09:14:54AM -0400, > Brian Sullivan <[email protected]> wrote > a message of 57 lines which said: > > > I have a question from our compliance team, is dnsdist FIPS 140-2 > compliant? > > I thought that FIPS-140 was about the security of hardware? With > FIPS-140-2 requiring tamper evidence? > -- Brian M. Sullivan Senior Staff Security Intelligence Engineer [email protected] | www.lookout.com
_______________________________________________ dnsdist mailing list [email protected] https://mailman.powerdns.com/mailman/listinfo/dnsdist
