Re: Not FIPS if app uses other crypto?

2006-04-14 Thread Kyle Hamilton
: Not FIPS if app uses other crypto? First of all I assume that we are talking about FIPS 140-2 [or 3 but that's not mandatory anywhere yet]. Mandatory? 140-3 isn't even issued yet. :) /r$ -- SOA Appliances Application Integration Middleware

Re: Not FIPS if app uses other crypto?

2006-04-14 Thread Dr. Stephen Henson
On Thu, Apr 13, 2006, Hank Cohen wrote: Right you are! My mistake. I knew it was under development but no draft has been issued yet. Here's a new question. When OpenSSL got its NIST algorithm certifications were they only for specific processors? I notice that the Open Source Software

Re: Not FIPS if app uses other crypto?

2006-04-14 Thread Kyle Hamilton
There's no provision for --prefix= as an option? -Kyle H On 4/14/06, Dr. Stephen Henson [EMAIL PROTECTED] wrote: On Thu, Apr 13, 2006, Hank Cohen wrote: Right you are! My mistake. I knew it was under development but no draft has been issued yet. Here's a new question. When OpenSSL

Re: Not FIPS if app uses other crypto?

2006-04-14 Thread Dr. Stephen Henson
On Fri, Apr 14, 2006, Kyle Hamilton wrote: There's no provision for --prefix= as an option? No but that doesn't matter in practice... The validated module is the object file fipscanister.o. Once that and the associated hash files have been built and installed using the approved procedure

RE: Not FIPS if app uses other crypto?

2006-04-13 Thread Richard Salz
First of all I assume that we are talking about FIPS 140-2 [or 3 but that's not mandatory anywhere yet]. Mandatory? 140-3 isn't even issued yet. :) /r$ -- SOA Appliances Application Integration Middleware

RE: Not FIPS if app uses other crypto?

2006-04-13 Thread Hank Cohen
: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Richard Salz Sent: Thursday, April 13, 2006 7:00 PM To: openssl-users@openssl.org Cc: openssl-users@openssl.org; [EMAIL PROTECTED] Subject: RE: Not FIPS if app uses other crypto? First of all I assume that we are talking about FIPS 140-2

Re: Not FIPS if app uses other crypto?

2006-04-12 Thread Kyle Hamilton
This should probably be clarified: The application must only use FIPS-approved modules for all cryptography. However, most FIPS-approved modules cost a lot of money -- there are two that do not, but OpenSSL is the only one available for UNIX systems that does not, and it's the only one that can

Re: Not FIPS if app uses other crypto?

2006-04-12 Thread Kyle Hamilton
It's my mistake, I believe. AES does specify 128, 192, and 256-bit keylengths, but only 128-bit block lengths. (I misread something on the CSRC website.) (I'm copying this back to the list because it's something that I should clear up.) -Kyle H On 4/12/06, Wes Kussmaul [EMAIL PROTECTED]

RE: Not FIPS if app uses other crypto?

2006-04-12 Thread Lyon, Jay
Kyle, thanks for your response. If you don't mind answering one more question, it will help clarify things for me. Assume a hypothetical crypto toolkit; OpenEXX has recently emerged and is a leader in a crypto technology that is useful for memory constrained devices. It has been recently FIPS

Re: Not FIPS if app uses other crypto?

2006-04-12 Thread Kyle Hamilton
On 4/12/06, Lyon, Jay [EMAIL PROTECTED] wrote: Kyle, thanks for your response. If you don't mind answering one more question, it will help clarify things for me. Assume a hypothetical crypto toolkit; OpenEXX has recently emerged and is a leader in a crypto technology that is useful for

Re: Not FIPS if app uses other crypto?

2006-04-12 Thread Richard Salz
It seems to me that the question is this: can an application use two FIPS-certified toolkits at the same time? For example, a FIPS certified device for doing private key operations, and FIPS software for doing symmetric key operations. The answer is yes. (There will be issues and

RE: Not FIPS if app uses other crypto?

2006-04-12 Thread Hank Cohen
: Wednesday, April 12, 2006 8:10 PM To: openssl-users@openssl.org Subject: Re: Not FIPS if app uses other crypto? It seems to me that the question is this: can an application use two FIPS-certified toolkits at the same time? For example, a FIPS certified device for doing private key