Re: [Fed-Talk] Laptop encryption
Re: [Fed-Talk] Laptop encryption
- Subject: Re: [Fed-Talk] Laptop encryption
- From: "Trouton, Rich R" <email@hidden>
- Date: Tue, 29 Nov 2011 00:48:44 +0000
- Thread-topic: [Fed-Talk] Laptop encryption
|
Bill,
Great find! Entries 1672 - 1677 are for CommonCrypto in iOS 5 for the various iDevices, which goes with what I got at WWDC: iOS was going to be first, followed by Lion. Hopefully, you'll be proven correct on the timeframe.
I can't speak as to the difficulty (or not) of a checkbox making FileVault 2 FIPS-compatible for those who needed it. FileVault 2 and FileVault are very different solutions to the problem of data-at-rest encryption.
Thanks,
Rich
On Nov 28, 2011, at 4:59 PM, William Cerniuk wrote:
Don't see the new crypto from Apple on that list but I am going to have another search it because I would be overjoyed to be wrong.
Found the AES algorithm was certified here:
http://csrc.nist.gov/groups/STM/cavp/documents/aes/aesval.html
And noted the flash to bang on algorithm certification to crypto model certification averages to 9 months from the comparison of the lists. This suggests that the Lion crypto might be g2g NIST listed buy an optimistic March time frame.
If you have a certification number, please do share!
On a related note, @Rich too, wouldn't it have been smart to have a "FIPS" compatibility mode in Lion that used the old crypto module? A check box could have made Lion an easy upgrade option for us federalies ;-)
At least there is PGP 10.2. Anyone have any lessons learned?
V/R,
Wm.
On Nov 28, 2011, at 3:39 PM, Matthew Linton < email@hidden> wrote:
Ben: As far as I am aware, File Vault under OS X 10.7 does meet the standards. We are treating it that way at NASA.
It is full disk encryption and is FIPS 140-2 validated according to: http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140val-all.htm (#1514)
==========================
Matt Linton, GCIH, EZ2C
IT Security Operations Lead
NASA Ames Research Center
650-380-4281 (mobile)
On 11/28/11 12:29 PM, Ben Richards wrote:
Aloha. As with all laptops, our NOAA MacBooks need to implement full HD level encryption. I was recently informed that FileVault no longer meets the necessary standards and that a 3rd party encryption package will need to be used.
I am concerned as the Windows version of this 3rd party package has caused no end of problems. Does anyone have any information on the subject and the apparent indication that FileVault is no longer sufficient for encryption?
-Ben
Sent from my iPhone. Please excuse any grammatical or typographical errors.
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
---
JFRC Help Desk
phone: x4030
The best way to get in touch with me is through email.
|
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden