2008/10/9 Ian G <[EMAIL PROTECTED]>: > David Stutzman wrote: >> The security policy in case anyone is interested and doesn't have it: >> http://www.mozilla.org/projects/security/pki/nss/fips/secpolicy.pdf > > Thanks Dave, > > I'm interested, and flicked through, but most of it is way above my > pay grade. It looks like a huge investment put into that document. > > A couple of questions, might not be germane to others or otherwise O/T: > > Why is there DSA key generation but not RSA key generation? e.g., > page 10, pt 23. > > Is there an analogue to this document for the FIPS-approved OpenSSL?
http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140sp/140sp918.pdf All of the security policies are available from the CMVP validation list. Also, the CMVP validation list states what algorithms are approved in each module. It's possible that RSA is not an approved algorithm in FIPS mode for the NSS validated module. What's the certificate number for NSS, Dave? -Kyle H _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
