Solved

FIPS 140-2 Compliant Encryption

Posted on 2010-11-23
2
1,445 Views
Last Modified: 2012-05-10
Hello,

I am wondering if SSL/TLS is a FIPS 140-2 Compliant Encryption. If so, can you please point me to an authoritative source?

Thank you,
Joseph Irvine
0
Comment
Question by:jkeagle13
2 Comments
 
LVL 27

Expert Comment

by:Tolomir
ID: 34199978
0
 
LVL 33

Accepted Solution

by:
Dave Howe earned 500 total points
ID: 34205497
it depends on what you mean by compliant.

the openssl libraries are fully *certified*, when run in FIPS mode (this restricts you to just the FIPS approved algos). Any SSL link is FIPS *compliant* if the webserver (not client!) is set to operate only using FIPS approved algos - but will not be certified.

apache would be FIPS *certified* only if the openssl library it links to is compiled to FIPS mode (not the default). IIS, similarly, is *certified* if it uses the FIPS compatable libraries (available by default from windows 2003 onwards) AND the system is set to FIPS compliant mode in group policy.  There is no setting that will make IIS compliant but not certified, as one implies the other in windows.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now