RE: [Fed-Talk] Disabling sslv2 on ssh
RE: [Fed-Talk] Disabling sslv2 on ssh
- Subject: RE: [Fed-Talk] Disabling sslv2 on ssh
- From: "Losasso, Jonathan E IT3 CCG, N63" <email@hidden>
- Date: Tue, 24 Feb 2009 14:55:25 -0800
- Thread-topic: [Fed-Talk] Disabling sslv2 on ssh
In order to be compliant with netwarcom, openssl needs to be the newest
version (0.9.8j), funny huh.
-----Original Message-----
From: Miller, Timothy J. [mailto:email@hidden]
Sent: Tuesday, February 24, 2009 14:25
To: Losasso, Jonathan E IT3 CCG, N63; email@hidden
Subject: Re: [Fed-Talk] Disabling sslv2 on ssh
On 2/23/09 4:30 PM, "Losasso, Jonathan E IT3 CCG, N63"
<email@hidden> wrote:
> Tim - We are running the latest version of openssl 0.9.8j, had to
> compile on my own as apple is sometimes slow to release updates, so
> not exactly the version that ships with leopard.
Which is still not FIPS compliant. The OpenSSL FIPS Object Module will only
work with OpenSSL 0.9.7. See:
http://www.oss-institute.org/fips-faq.html
http://www.openssl.org/docs/fips/UserGuide-1.1.1.pdf
http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140sp/140sp733.pdf
On how to get FIPS compliant with OpenSSL.
This is a DIACAP requirement, so you're going to run into it sooner or
later.
-- Tim
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden