Re: NSS 4.0 FIPS enabled for Windows

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: NSS 4.0 FIPS enabled for Windows

tapas.adhikary
On Monday, January 9, 2017 at 11:35:50 PM UTC+5:30, tanaysees wrote:

> Hi All,
> We are consuming NSS crpto libraries for our project. I had some queries regarding the FIPS compliance for NSS for Windows environment.
>
> NSS cryptographic libraries ver 4.0 currently is certified for Red Hat Linux based environments as per https://www.cryptsoft.com/fips140/out/cert/2711.html
> && https://www.cryptsoft.com/fips140/out/cert/2721.html
>
> Is there any plan to support the FIPS compliance for Windows OS based environments for the current version? Will the current version be supported for Win platforms in the near future?
>
> If so please share the details.
>
>
> Thanks,
> Tanay

+ 1 for this. Anyone have any information on this one?
_______________________________________________
dev-security mailing list
[hidden email]
https://lists.mozilla.org/listinfo/dev-security
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: NSS 4.0 FIPS enabled for Windows

J.C. Jones
Tapas,  Tanay:

I'm not aware of any activity to re-valdiate FIPS for Windows targets at
this time. The last validation on Windows that I'm aware of was in 2009
[1], covering 32-bit Windows XP SP3, according to some of the certificates
at NIST CSRC [2].

It's possible that the previous validation will be sufficient for newer
versions of Windows, depending on the context in which you need to use a
validated module. CMVP would be the best source of guidance on that.

[1] https://wiki.mozilla.org/FIPS2009
[2] http://csrc.nist.gov/groups/STM/cavp/documents/aes/aesval.html#1128

Cheers,
J.C.

On Tue, Feb 28, 2017 at 9:22 PM, <[hidden email]> wrote:

> On Monday, January 9, 2017 at 11:35:50 PM UTC+5:30, tanaysees wrote:
> > Hi All,
> > We are consuming NSS crpto libraries for our project. I had some queries
> regarding the FIPS compliance for NSS for Windows environment.
> >
> > NSS cryptographic libraries ver 4.0 currently is certified for Red Hat
> Linux based environments as per https://www.cryptsoft.com/
> fips140/out/cert/2711.html
> > && https://www.cryptsoft.com/fips140/out/cert/2721.html
> >
> > Is there any plan to support the FIPS compliance for Windows OS based
> environments for the current version? Will the current version be supported
> for Win platforms in the near future?
> >
> > If so please share the details.
> >
> >
> > Thanks,
> > Tanay
>
> + 1 for this. Anyone have any information on this one?
> _______________________________________________
> dev-security mailing list
> [hidden email]
> https://lists.mozilla.org/listinfo/dev-security
>
_______________________________________________
dev-security mailing list
[hidden email]
https://lists.mozilla.org/listinfo/dev-security
Loading...