On Thu, 4 Jan 2007 21:51, [EMAIL PROTECTED] said: > in FIPS 140-2 (in which case, yes, it does implement many of them). The > speaker might be asking whether GnuPG has passed a formal NIST-approved > certification process, in which case to my knowledge it hasn't.
To my knowledge, no FIPS140-2 (or CC) evaluation for GnuPG has been done. Though I know a little bit of CC evaluation, I don't know the rules for such a evaluation to Security Level 1 of FIPS140-2. In general such an evaluations are pretty expensive as a lot woodware has to be produced. Shalom-Salam, Werner _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
