|
|
Re: SSL Certs and FIPS 140-2 Compliance: msg#00005security.websecurity
> I had a visit by Ingrian Networks today who appear to do what you've > spec'd out including having a FIPS compliant system (which appear > to only be required by governmental and military purchasers...). MasterCard and/or Visa requires FIPS hardware for SSL in some cases. I am fairly positive that FIPS doesn't prohibit safely cloning a key and using it. They put requirements on what "safely cloning" means, of course. They recently changed -- PBE (password-based encryption) is no longer allowed, if I remember correctly. /r$ -- Rich Salz Chief Security Architect DataPower Technology http://www.datapower.com XS40 XML Security Gateway http://www.datapower.com/products/xs40.html |
|
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| Previous by Date: | RE: SSL Certs and FIPS 140-2 Compliance: 00005, Lyal Collins |
|---|---|
| Next by Date: | Re: SSL Certs and FIPS 140-2 Compliance: 00005, Ryan Barnett |
| Previous by Thread: | Re: SSL Certs and FIPS 140-2 Compliancei: 00005, H. Morrow Long |
| Next by Thread: | RE: SSL Certs and FIPS 140-2 Compliance: 00005, Lyal Collins |
| Indexes: | [Date] [Thread] [Top] [All Lists] |
| News | FAQ | advertise |