Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 233477 - FIPS 200: Use FIPS 140-2 validated crypto
Summary: FIPS 200: Use FIPS 140-2 validated crypto
Status: CLOSED DUPLICATE of bug 444768
Alias: None
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: distribution
Version: 5.0
Hardware: All
OS: Linux
Target Milestone: ---
: ---
Assignee: RHEL Product and Program Management
QA Contact: Daniel Riek
Depends On:
Blocks: 233480
TreeView+ depends on / blocked
Reported: 2007-03-22 18:14 UTC by Chris Runge
Modified: 2008-09-25 18:42 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: Enhancement
Doc Text:
Clone Of:
Last Closed: 2008-09-25 18:42:00 UTC
Target Upstream Version:

Attachments (Terms of Use)

Description Chris Runge 2007-03-22 18:14:29 UTC
Requirement for FIPS 200

NIST 800-53
Use of validated cryptography

"When cryptography is employed within the information system, the system
performs all cryptographic operations (including key generation) using FIPS
140-2 validated cryptographic modules operating in approved modes of operation".

See for more

NSS is going through FIPS 140-2 validation; we need to ensure the version of NSS
in the distribution matches the validated version.

More difficult is going to be tracking down the other crypto and coming up with
a plan to consolidate and/or validate it. OpenSSL has been through the process
but there are problems with the currently validated version that prohibit us
from shipping it.

I can arrange a conversation with OSSI who has sponsored the FIPS 140-2
evaluation for OpenSSL to discuss synergies.

Comment 2 Steve Grubb 2008-09-25 18:42:00 UTC
Closing this bug since there is another one for FIPS work.

*** This bug has been marked as a duplicate of bug 444768 ***

Note You need to log in before you can comment on or make changes to this bug.