Do you have a question? Post it now! No Registration Necessary. Now with pictures!
- Posted on
- FIPS compliant packages
November 10, 2006, 12:00 am
rate this thread
I am writing some security documentation for work. A question came up
about whether or not the Linux security packages used for
authentication (krb5) and key management (RSA/DSA for SSH) were FIPS
I don't really know. I know that Kerberos v5 is FIPS compliant and I
know that SSH v2 is FIPS compliant. However, are the Linux packages
Any ideas how I would verify if they are or not?
Would they be compliant because the underlying algorithm is compliant?
Thanks for any insight.
Re: FIPS compliant packages
although there has some controversy. The certification is just to level
FIPS compliance is, as those who deal with the US government know, a
big hurdle. There are not a lot of products which conform as the
compliance list shows. Ideally, I think, the secuity aspects of Linux
to include an encrypting file system, OpenSSL could receive
certification opening up opportunities not only for Linux on general
machines but embedded into routers and other network appliances. The
opportunities for a system, like the Linksys consumer routers marketed
as a way to "secure" other commercial systems and sensors would be huge.
- » Cloud Ace Technologies is offering Implementation Services on Cloud Computing, Cloud Serv...
- — Newest thread in » Linux Security