Hi folks, I was hoping somebody could confirm or correct my understanding of which version of NSS is FIPS certified.
As I unserstand from https://wiki.mozilla.org/FIPS_Validation Softokn version 3.11.4 is the most recent FIPS certified version. And this is a component of NSS 3.11.4 and 3.11.5 This same document mentions a Target version of Softoken of 3.12.2 ... but I have to say, I'm not sure what they are getting at. On the Mozilla site I've only been able to find binaries for NSS 3.11.4. However, from posts in this forum and reading the document http://csrc.nist.gov/groups/STM/cmvp/documents/fips140-2/FIPS1402IG.pdf section G.4 it seems that I am able to recompile the unchanged source myself and be able to call the resulting binaries FIPS certified. Are my assumptions correct? Also, is 3.11.5 really the lastest FIPS certified version of NSS or can I use later versions in the 3.11.x chain? How can I tell which versions of NSS are using the correct version of Softoken.... and is that correct version of Softoken 3.11.4 or 3.12.2? Also, just to be correct, when I'm talking about the NSS libraries do I need to call the NSS FIPS complaint libraries, and the Softoken libraries FIPS certified libraries? Thanks _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
