I am trying to figure out how the stipulations for the management of tokens and 
credentials at LOA3 (Chapter 7.3.1.3 in NIST Special Publication 800-63-1, 
http://csrc.nist.gov/publications/nistpubs/800-63-1/SP-800-63-1.pdf) map to a 
Kerberos KDC. 

They talk about the encryption key for the shared secret file being "held in a 
FIPS 140-2 Level 2 or higher validated hardware cryptographic module or any 
FIPS 140-2 Level 3 or 4 cryptographic module and decrypted only as immediately 
required for an authentication operation."

The second stipulation states that "shared secrets are protected as a key 
within the boundary of a FIPS 140-2 Level 2 or higher validated hardware 
cryptographic module or any FIPS 140-2 Level 3 or 4 cryptographic module and is 
not exported in plaintext from the module."

Does this mean that in order to consider one's KDC infra LOA3 compliant one 
needs to hold the principal database in a compliant hardware security module? 
Or am I missing something here?


jd


________________________________________________
Kerberos mailing list           [email protected]
https://mailman.mit.edu/mailman/listinfo/kerberos