On Fri, Jul 18, 2008 at 5:50 AM, David Stutzman <[EMAIL PROTECTED]> wrote: > > The ECC PKCS11 module that I added is > actually FIPS-approved. So, in my case least, I should be ok regardless > of the version of NSS I use or I *still* need a FIPS-approved and > enabled softtoken in addition to my FIPS 3rd party PKCS11 module?
If you are sure that you perform all the crypto operations using this ECC PKCS11 module, then you are compliant with FIPS. Using a FIPS-validated NSS softoken is not necessary, but eliminates the need to verify that you use the ECC PKCS11 module exclusively. Wan-Teh _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
