Re: [Freeipa-users] IPA and FIPS 140-2

2016-08-08 Thread Martin Kosek
a-users@redhat.com > Date: 08/05/2016 06:33 AM > Subject: Re: [Freeipa-users] IPA and FIPS 140-2 > > --- > > > > Are you now asking about when upstream version is FIPS compliant or some > downstream di

Re: [Freeipa-users] IPA and FIPS 140-2

2016-08-08 Thread Michael Sean Conley
Crittenden Cc: freeipa-users@redhat.com Date: 08/05/2016 06:33 AM Subject:Re: [Freeipa-users] IPA and FIPS 140-2 Are you now asking about when upstream version is FIPS compliant or some downstream distribution? If you are asking about RHEL, as indicated by https

Re: [Freeipa-users] IPA and FIPS 140-2

2016-08-05 Thread Martin Kosek
sers@redhat.com > Date: 08/04/2016 11:37 AM > Subject: Re: [Freeipa-users] IPA and FIPS 140-2 > > --- > > > > Michael Sean Conley wrote: >> Does ANYONE have any experience getting IPA t

Re: [Freeipa-users] IPA and FIPS 140-2

2016-08-04 Thread Rob Crittenden
Anon Lister wrote: I'd also like to throw in that the requirements you are facing are likely requiring FIPS Certified, not just compliant, as I'm somewhat familiar with them. (800-53 or 800-171) Essentially it will have to fall back on the FIPS compliant openssl implementation, however I believe

Re: [Freeipa-users] IPA and FIPS 140-2

2016-08-04 Thread Michael Sean Conley
] IPA and FIPS 140-2 Michael Sean Conley wrote: > Does ANYONE have any experience getting IPA to work with FIPS? > > We're trying desperately to get this going, as we have some requirements > that the Identity Management Tool we choose must be FIPS 140-2 compliant. No, it doe

Re: [Freeipa-users] IPA and FIPS 140-2

2016-08-04 Thread Anon Lister
Sorry, certified openssl implementation* On Aug 4, 2016 9:38 AM, "Anon Lister" wrote: > I'd also like to throw in that the requirements you are facing are likely > requiring FIPS Certified, not just compliant, as I'm somewhat familiar with > them. (800-53 or 800-171) > > Essentially it will have

Re: [Freeipa-users] IPA and FIPS 140-2

2016-08-04 Thread Anon Lister
I'd also like to throw in that the requirements you are facing are likely requiring FIPS Certified, not just compliant, as I'm somewhat familiar with them. (800-53 or 800-171) Essentially it will have to fall back on the FIPS compliant openssl implementation, however I believe there are other cryp

Re: [Freeipa-users] IPA and FIPS 140-2

2016-08-04 Thread Rob Crittenden
Michael Sean Conley wrote: Does ANYONE have any experience getting IPA to work with FIPS? We're trying desperately to get this going, as we have some requirements that the Identity Management Tool we choose must be FIPS 140-2 compliant. No, it doesn't work in FIPS mode yet. If you open a suppo

[Freeipa-users] IPA and FIPS 140-2

2016-08-04 Thread Michael Sean Conley
Does ANYONE have any experience getting IPA to work with FIPS? We're trying desperately to get this going, as we have some requirements that the Identity Management Tool we choose must be FIPS 140-2 compliant. GGHHH Michael Sean Conley-- Manage your subscription for the Freeipa-users ma