[Discuss] NAS: encryption

[Richard Pieri]

On 7/7/2015 1:50 PM, Bill Bogstad wrote:
> Unless the FIPS certifying agency does code audits,

Which it must:

http://csrc.nist.gov/publications/fips/fips140-2/fips1402.pdf

Source code examination is a requirement for FIPS 140-2 cryptographic 
module certification with higher security levels requiring additional 
documentation and specifications. Consumer and enterprise SEDs are 
usually Security Level 2 and the security profiles are matters of public 
record.

-- 
Rich P.