[gnutls-help] FIPS mode: Removing TLS 1.0 + reference
Nikos Mavrogiannopoulos
nmav at gnutls.org
Mon May 4 10:38:04 CEST 2015
On Thu, Apr 30, 2015 at 2:43 AM, jonetsu at teksavvy.com
<jonetsu at teksavvy.com> wrote:
> Here is the reference to NIST Special Publication SP 800-52 revision
> 1:
> http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-52r1.pdf
>
> Abstract:
> "This Special Publication provides guidance to the selection
> and configuration of TLS protocol implementations while making
> effective use of Federal Information Processing Stand
> ards (FIPS) and NIST- recommended cryptographic algorithms,
> and requires that TLS 1.1 configured with FIPS- based cipher
> suites as the minimum appropriate secure transport protocol
> and recommends that agencies develop migration plans to TLS
> 1.2 by January 1, 2015. This Special Publication also
> identifies TLS extensions for which mandatory support must be
> provided and other recommended extensions."
I'm still not convinced. The version of FIPS140-2 I have does not
reference SP800-52. So the same argument applies. It should be FIPS
documents referencing the TLS 1.0 removal requirement, not vice-versa.
regards,
Nikos
More information about the Gnutls-help
mailing list