Simon Josefsson <[email protected]> writes: > "Hoyt, David" <[email protected]> writes: > >> Is or will there be an effort to become FIPS certified? If so, is >> there a schedule laid out for the process? Is there a webpage I can >> look at to keep myself up-to-date on the certification process? > > All the crypto in GnuTLS normally happens in libgcrypt, and I recall > seeing libgcrypt mentioned on the list of projects underway of becoming > FIPS-certified some time ago.
Looking again, I see that AES/3DES/SHA1/SHA2/RSA/DSA/RNG in libgcrypt have been FIPS certified. Follow links from: http://csrc.nist.gov/groups/STM/cavp/validation.html Still, older TLS does not use standard RSA PKCS#1 so you have to make sure GnuTLS is really using the right crypto bits from libgcrypt. /Simon _______________________________________________ Help-gnutls mailing list [email protected] http://lists.gnu.org/mailman/listinfo/help-gnutls
