From: Nikos Mavrogiannopoulos n...@gnutls.org
Date: 03/12/15 02:19
That's correct, but I don't think that SP800-52 is a requirement in
FIPS140-2. Do you have such a reference?
Yes, that's right. Everything points to not having TLS1.0 in the (near) future
btu at the moment it is allowed
On Wed, 2015-03-11 at 13:27 -0400, jonetsu wrote:
From: Nikos Mavrogiannopoulos n...@gnutls.org
Date: 03/11/15 11:27
GNUTLS_FORCE_FIPS_MODE=1 ./gnutls-cli -l --priority NORMAL
./gnutls-cli -l --priority NORMAL
Thanks. In the resulting list many TLS1.0 are found:
(abridged list)
On Tue, Mar 10, 2015 at 7:09 PM, jonetsu jone...@teksavvy.com wrote:
Hello,
The list of ciphers provided by 'gnutls-cli -l' is the same in FIPS mode or
not. The test:
/usr/local/bin/gnutls-cli -v
gnutls-cli 3.3.13
gnutls-cli -l prints all the algorithms compiled in the library. To
see
From: Nikos Mavrogiannopoulos n...@gnutls.org
Date: 03/11/15 11:27
GNUTLS_FORCE_FIPS_MODE=1 ./gnutls-cli -l --priority NORMAL
./gnutls-cli -l --priority NORMAL
Thanks. In the resulting list many TLS1.0 are found:
(abridged list)
TLS_ECDHE_ECDSA_AES_128_CBC_SHA256 TLS1.0
Hello,
The list of ciphers provided by 'gnutls-cli -l' is the same in FIPS mode or
not. The test:
/usr/local/bin/gnutls-cli -v
gnutls-cli 3.3.13
1)
/usr/local/bin/gnutls-cli --fips140-mode
library is NOT in FIPS140-2 mode
/usr/local/bin/gnutls-cli -l
(nonfips list