Re: [Freeipa-users] IPA and FIPS 140-2

2016-08-09 Thread Martin Kosek
n...@raytheon.com>, Rob Crittenden > <rcrit...@redhat.com> > Cc: freeipa-users@redhat.com > Date: 08/05/2016 06:33 AM > Subject: Re: [Freeipa-users] IPA and FIPS 140-2 > > --- > > > &

Re: [Freeipa-users] IPA and FIPS 140-2

2016-08-08 Thread Michael Sean Conley
l Sean Conley <michael.sean.con...@raytheon.com>, Rob Crittenden <rcrit...@redhat.com> Cc: freeipa-users@redhat.com Date: 08/05/2016 06:33 AM Subject: Re: [Freeipa-users] IPA and FIPS 140-2 Are you now asking about when upstream version is FIPS compliant

Re: [Freeipa-users] IPA and FIPS 140-2

2016-08-05 Thread Martin Kosek
onley <michael.sean.con...@raytheon.com>, > freeipa-users@redhat.com > Date: 08/04/2016 11:37 AM > Subject: Re: [Freeipa-users] IPA and FIPS 140-2 > > --- > > > > Michael Sean Conley

Re: [Freeipa-users] IPA and FIPS 140-2

2016-08-04 Thread Rob Crittenden
Anon Lister wrote: I'd also like to throw in that the requirements you are facing are likely requiring FIPS Certified, not just compliant, as I'm somewhat familiar with them. (800-53 or 800-171) Essentially it will have to fall back on the FIPS compliant openssl implementation, however I

Re: [Freeipa-users] IPA and FIPS 140-2

2016-08-04 Thread Michael Sean Conley
hat.com Date: 08/04/2016 11:37 AM Subject: Re: [Freeipa-users] IPA and FIPS 140-2 Michael Sean Conley wrote: > Does ANYONE have any experience getting IPA to work with FIPS? > > We're trying desperately to get this going, as we have some requirements > that the Identity Manage

Re: [Freeipa-users] IPA and FIPS 140-2

2016-08-04 Thread Anon Lister
Sorry, certified openssl implementation* On Aug 4, 2016 9:38 AM, "Anon Lister" wrote: > I'd also like to throw in that the requirements you are facing are likely > requiring FIPS Certified, not just compliant, as I'm somewhat familiar with > them. (800-53 or 800-171) > >

Re: [Freeipa-users] IPA and FIPS 140-2

2016-08-04 Thread Anon Lister
I'd also like to throw in that the requirements you are facing are likely requiring FIPS Certified, not just compliant, as I'm somewhat familiar with them. (800-53 or 800-171) Essentially it will have to fall back on the FIPS compliant openssl implementation, however I believe there are other

Re: [Freeipa-users] IPA and FIPS 140-2

2016-08-04 Thread Rob Crittenden
Michael Sean Conley wrote: Does ANYONE have any experience getting IPA to work with FIPS? We're trying desperately to get this going, as we have some requirements that the Identity Management Tool we choose must be FIPS 140-2 compliant. No, it doesn't work in FIPS mode yet. If you open a