BLU Discuss list archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Discuss] NAS: encryption

Subject: [Discuss] NAS: encryption
From: richard.pieri at gmail.com (Richard Pieri)
Date: Tue, 7 Jul 2015 14:32:18 -0400
In-reply-to: <CAJFsZ=qMMaytrjR0t-PpK3B5AZVLfnVPybNuLAkkmLZqMgYgrw@mail.gmail.com>
References: <5596D8DA.2000201@gmail.com> <55980A9F.4020007@gmail.com> <BY1PR0401MB1641117906253C39D8075681DC940@BY1PR0401MB1641.namprd04.prod.outlook.com> <sjmd203evpz.fsf@securerf.ihtfp.org> <559C0CFA.2040506@gmail.com> <CAJFsZ=qMMaytrjR0t-PpK3B5AZVLfnVPybNuLAkkmLZqMgYgrw@mail.gmail.com>

On 7/7/2015 1:50 PM, Bill Bogstad wrote:
> Unless the FIPS certifying agency does code audits,

Which it must:

http://csrc.nist.gov/publications/fips/fips140-2/fips1402.pdf

Source code examination is a requirement for FIPS 140-2 cryptographic 
module certification with higher security levels requiring additional 
documentation and specifications. Consumer and enterprise SEDs are 
usually Security Level 2 and the security profiles are matters of public 
record.

-- 
Rich P.

References:
- [Discuss] NAS: buy vs. build
  - From: tmetro+blu at gmail.com (Tom Metro)
- [Discuss] NAS: encryption
  - From: tmetro+blu at gmail.com (Tom Metro)
- [Discuss] NAS: encryption
  - From: blu at nedharvey.com (Edward Ned Harvey (blu))
- [Discuss] NAS: encryption
  - From: warlord at MIT.EDU (Derek Atkins)
- [Discuss] NAS: encryption
  - From: richard.pieri at gmail.com (Richard Pieri)
- [Discuss] NAS: encryption
  - From: bogstad at pobox.com (Bill Bogstad)

Prev by Date: [Discuss] NAS: encryption
Next by Date: [Discuss] NAS: encryption
Previous by thread: [Discuss] NAS: encryption
Next by thread: [Discuss] NAS: encryption
Index(es):
- Date
- Thread


BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.