This may not be a useful answer, but it will be an accurate one. :( > "The VA requires that all encryption MUST be FIPS140-2 compliant. Do > you know if this program is?"
This question cannot be answered. What does it mean to be 'compliant'? The speaker might be asking whether it implements algorithms specified in FIPS 140-2 (in which case, yes, it does implement many of them). The speaker might be asking whether GnuPG has passed a formal NIST-approved certification process, in which case to my knowledge it hasn't. Once you can figure out from the speaker precisely what they mean by 'FIPS 140-2 compliant', then we can give you a concrete response. But for right now, I'm afraid I'm drawing a blank. Maybe someone else can cast some more light on it. _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
