Re: [Fed-Talk] Apple FIPS Cryptographic Module in Finalization step
Re: [Fed-Talk] Apple FIPS Cryptographic Module in Finalization step
- Subject: Re: [Fed-Talk] Apple FIPS Cryptographic Module in Finalization step
- From: "Miller, Timothy J." <email@hidden>
- Date: Fri, 18 Mar 2011 08:20:05 -0400
- Acceptlanguage: en-US
- Thread-topic: [Fed-Talk] Apple FIPS Cryptographic Module in Finalization step
From my skim of the security policy, it would seem that Apple certified a new CDSA CSP (plugin). Plus there's a helper application. Directions on where to get said plugin & helper are missing.
-- T
On Mar 17, 2011, at 6:35 PM, Simon, Gary wrote:
> Apple's FIPS Cryptographic Module appears to have been added to the NIST Module Validation Lists (FIPS 140-1 and FIPS 140-2 Vendor List). See:
>
> http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/1401vend.htm
>
> I wonder if that means it is finally FIPS-140 validated?
>
>
> From: Dan O'Donnell <email@hidden<mailto:email@hidden>>
> Date: Mon, 7 Mar 2011 09:44:57 -0700
> To: Paul Nelson <email@hidden<mailto:email@hidden>>, Peter Link <email@hidden<mailto:email@hidden>>
> Cc: "email@hidden<mailto:email@hidden>" <email@hidden<mailto:email@hidden>>, Mac DOE <email@hidden<mailto:email@hidden>>
> Subject: Re: [Fed-Talk] Apple FIPS Cryptographic Module in Finalization step
>
> Apple – please provide substantive documentation for this feature when it rolls out.
>
>
>
> On 3/7/11 7:23 AM, "Paul Nelson" <email@hidden> wrote:
>
> I had asked Apple for the Security Policy document, but they would not provide it to me. Has anyone seen this document?
> I need to know how to configure systems and software to make sure things work when the Mac is running in FIPS 140 mode. I assume there will be a mode, or some way to turn off non FIPS 140 cryptos...
>
> Paul Nelson
> Thursby Software Systems, Inc.
>
> On Mar 7, 2011, at 9:18 AM, Link, Peter R. wrote:
>
> http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140InProcess.pdf
>
> Apple's Cryptographic Module has reached the final step towards FIPS 140-2 certification, entering step 5 within the last week. I don't know how long this step takes but hopefully it will only be some paperwork.
>
> iPad and iPhone modules are still in step 1.
>
> 5. Finalization
>
> * Final resolution of validation review comments submitted to NIST and CSEC.
> * Testing documents updated based on resolutions and submitted to NIST and CSEC.
> * Certificate number assigned.
> * Certificate printing and signature process initiated.
>
> Peter Link
> Cyber Security Analyst
> Cyber Security Program
> Lawrence Livermore National Laboratory
> PO Box 808, L-315
> Livermore, CA 94550
> email@hidden
>
>
> __________________________________________________________________________
>
> This email message is for the sole use of the intended recipient(s) and
> may contain confidential information. Any unauthorized review, use,
> disclosure or distribution is prohibited. If you are not the intended
> recipient, please contact the sender by reply email and destroy all copies
> of the original message.
> <ATT00001..txt>
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden