On Fri, 24 Apr 2015 16:30:32 +0200 Nikos Mavrogiannopoulos <[email protected]> wrote:
> On Fri, Apr 24, 2015 at 4:08 PM, jonetsu <[email protected]> wrote: > > Hello, > > > > Here is the reference to the exclusion of TLS 1.0: > > https://www.niap-ccevs.org/pp/pp.cfm?id=CPP_ND_V1.0 > > Thanks. This is a protection profile, but it has nothing to do with > FIPS-140-2. The requirements for FIPS140-2 are specified in [0], and > to the documents referred by it. I don't see you document being > referred in that publication, but if it is, just let me know. > > regards, > Nikos > > [0]. http://csrc.nist.gov/publications/fips/fips140-2/fips1402.pdf Hello, Here is the reference to NIST Special Publication SP 800-52 revision 1: http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-52r1.pdf Abstract: "This Special Publication provides guidance to the selection and configuration of TLS protocol implementations while making effective use of Federal Information Processing Stand ards (FIPS) and NIST- recommended cryptographic algorithms, and requires that TLS 1.1 configured with FIPS- based cipher suites as the minimum appropriate secure transport protocol and recommends that agencies develop migration plans to TLS 1.2 by January 1, 2015. This Special Publication also identifies TLS extensions for which mandatory support must be provided and other recommended extensions." Regards. _______________________________________________ Gnutls-help mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnutls-help
