[gnutls-help] FIPS mode: Removing TLS 1.0 + reference
jonetsu at teksavvy.com
jonetsu at teksavvy.com
Thu Apr 30 02:43:05 CEST 2015
On Fri, 24 Apr 2015 16:30:32 +0200
Nikos Mavrogiannopoulos <nmav at gnutls.org> wrote:
> On Fri, Apr 24, 2015 at 4:08 PM, jonetsu <jonetsu at teksavvy.com> wrote:
> > Hello,
> >
> > Here is the reference to the exclusion of TLS 1.0:
> > https://www.niap-ccevs.org/pp/pp.cfm?id=CPP_ND_V1.0
>
> Thanks. This is a protection profile, but it has nothing to do with
> FIPS-140-2. The requirements for FIPS140-2 are specified in [0], and
> to the documents referred by it. I don't see you document being
> referred in that publication, but if it is, just let me know.
>
> regards,
> Nikos
>
> [0]. http://csrc.nist.gov/publications/fips/fips140-2/fips1402.pdf
Hello,
Here is the reference to NIST Special Publication SP 800-52 revision
1:
http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-52r1.pdf
Abstract:
"This Special Publication provides guidance to the selection
and configuration of TLS protocol implementations while making
effective use of Federal Information Processing Stand
ards (FIPS) and NIST- recommended cryptographic algorithms,
and requires that TLS 1.1 configured with FIPS- based cipher
suites as the minimum appropriate secure transport protocol
and recommends that agencies develop migration plans to TLS
1.2 by January 1, 2015. This Special Publication also
identifies TLS extensions for which mandatory support must be
provided and other recommended extensions."
Regards.
More information about the Gnutls-help
mailing list