Robert,
Savage Robert Contr AFCA/ITCR wrote:
Are there any plans within MF or the NSS development team to seek FIPS 140-2 certification for current NSS modules to allow and promote federal government use of Mozilla? This is basically a paperwork documentation exercise which can be done in-house (the OpenSSL project is pursuing FIPS 140-2 Level 1 certification on their own), or outsourced to a NIST-approved participant in the National Voluntary Laboratory Accreditation Program (NVLAP). One of the NVLAP vendors in the U.S. with links on NIST’s web site quotes about $20K to do the job (see _http://www.bkpsecurity.com/pricing.html_).
A new FIPS validation for NSS 3.9 is currently under consideration at Sun, but there are no firm plans yet.
_______________________________________________
mozilla-crypto mailing list
[EMAIL PROTECTED]
http://mail.mozilla.org/listinfo/mozilla-crypto
