Re: [Fed-Talk] The Joys of FIPS
Re: [Fed-Talk] The Joys of FIPS
- Subject: Re: [Fed-Talk] The Joys of FIPS
- From: William Cerniuk <email@hidden>
- Date: Fri, 20 Sep 2013 15:44:14 -0400
Just to be clear, we are talking revalidation through the entire process, not the self validation process, correct?
--
R/Wm.
ph: 703.594.7616
On 20-Sep-2013, at 15:32, Shawn A. Geddis <email@hidden> wrote:
> Peter,
>
> The architecture/APIs, enforcement, management, protections, etc. did not change. The only thing that changed was the addition of more RSA Algorithms to the module(s) themselves. By FIPS 140-2 definition, that is a security relevant change to a module and requires the re-validation of the modules. Remember it is the modules that are validated and not the OS, Services or Applications.
>
> - Shawn
> ________________________________________
> Shawn Geddis
> Security Consulting Engineer
> Apple Enterprise Division
>
>
> _______________________________________________
> Do not post admin requests to the list. They will be ignored.
> Fed-talk mailing list (email@hidden)
> Help/Unsubscribe/Update your Subscription:
>
> This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden