On Oct 11, 2011, at 8:05 AM, Miller, Timothy J. wrote: On 10/9/11 10:32 PM, "Shawn Geddis" < email@hidden> wrote: The addition of "Apple FIPS Cryptographic Module" to the Modules in Process list [3] is a reflection of the "re-validation" of the CDSA/CSP module shipped in Mac OS X 10.6 and validated on March 9, 2011. OS X Lion (v10.7) does not use the CDSA/CSP module, but Apple is performing this re-validation to provide continued validation for all third-party applications using this module. Ok, great, but when will Lion's new architecture enter CMVP? You know how this works, Shawn--we can get exceptions in C&A only as long as we can file POA&Ms, emphasis on 'M' (milestones). -- T
Tim,
OS X Lion (v10.7) does not use the CDSA/CSP module, but Apple is performing this re-validation to provide continued validation for all third-party applications using this module.
Sorry, I guess my statements have not been clear enough. The ONLY module used in OS X Lion that is undergoing FIPS 140-2 Conformance Validation is the CDSA/CSP module that was validated for Mac OS X 10.6 -- this is solely being re-validated for third-party applications that still use it.
Cryptography on OS X and iOS are undergoing convergence, but they are in no way the same module(s) today. This convergence takes Engineering time and careful transitioning.
/* Personal Comment */ The FIPS 140 Conformance Validation Process needs a major overhaul if the US Federal Government is to maintain any chance of staying current with innovation. I believe FIPS 140-3 was initially targeted for 2007, but is still in DRAFT -- I believe that tells us all something very valuable. When a module submission sits in the queue for ~6 months and the products are changing ~12/15 months, it makes it impossible for any vendor to realistically achieve validation for each release. Significant Resources for NIST/CMVP and changes in the process are going to have to be realized before this can ever be truly effective for the US Federal Government.
Please also keep in mind that FIPS 140 Validation in no way ensures a product is secure in any manner. It simply ensures that the cryptographic algorithms are properly implemented and the product does what the vendor claims it does according to guidelines set forth by NIST. Any Application/Service could inappropriately handle cryptographic data supplied by a FIPS 140-2 Validated module and in turn fail to protect the sensitive data as expected. FIPS 140-2 has become a box checking exercise by agencies with seemingly little thought to the actual implementations and protection of data. /* Personal Comment */
- Shawn ________________________________________ Shawn Geddis Security Consulting Engineer Apple Enterprise Division |