Hi Atsuhiko and All,
I know that Jsch hasn't got FIPS 140-2 certified. I looked into the source code
and found that it supports FIPS approved algorithms AES, Triple-DES, DSA, RSA,
SHA-1, HMAC-SHA-1. I wonder whether my software that uses Jsch can pass a FIPS
140-2 validation testing by NIST.
Do you get any experience of this?
I look forward to hearing your inputs.
Thanks a lot,
Viet
--- On Tue, 6/16/09, Atsuhiko Yamanaka <y...@jcraft.com> wrote:
From: Atsuhiko Yamanaka <y...@jcraft.com>
Subject: Re: [JSch-users] Is Jsch FIPS 140-2 compliant?
To: hoangvietp...@yahoo.com
Cc: jsch-users@lists.sourceforge.net
Date: Tuesday, June 16, 2009, 8:48 AM
Hi,
+-From: "Viet H. Phan" <hoangvietp...@yahoo.com> --
|_Date: Mon, 15 Jun 2009 02:32:28 -0700 (PDT) _____
|
|We have been using Jsch to do data transfer with a partner.
|Recently we have got a requirement of following FIPS 104-2 standard
|(http://csrc.nist.gov/publications/fips/fips140-2/fips1402.pdf).
|Could anyone tell me if Jsch is FIPS 140-2 compliant?
Unfortunately, it is not.
Sincerely,
--
Atsuhiko Yamanaka
JCraft,Inc.
1-14-20 HONCHO AOBA-KU,
SENDAI, MIYAGI 980-0014 Japan.
Tel +81-22-723-2150
+1-415-578-3454
Skype callto://jcraft/
------------------------------------------------------------------------------
Crystal Reports - New Free Runtime and 30 Day Trial
Check out the new simplified licensing option that enables unlimited
royalty-free distribution of the report engine for externally facing
server and web deployment.
http://p.sf.net/sfu/businessobjects
_______________________________________________
JSch-users mailing list
JSch-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/jsch-users
