Timothy J. Miller wrote:
Since you're using the CAC you need to stick with a FIPS validated crypto library--either the FIPS version of OpenSSL (if you can find someone who has it) or the FIPS version NSS (3.6, IIRC) if you're working on UNIX.The most recent versions are NSS 3.11.4,5 or any NSS with 3.11.4 softoken (RHEL5 and Fedora 7,8 ship with later versions of NSS but 3.11.4 softoken). see http://wiki.mozilla.org/FIPS_Validation
Earlier validated versions were: NSS 3.2.2: http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140val-all.htm#248 http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140val-all.htm#247 Netscape Security Module 1.01 (no longer available) http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140val-all.htm#47 http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140val-all.htm#45 Netscape Security Module 1 (no longer available) http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140val-all.htm#7 bob
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Coolkey-devel mailing list Coolkey-devel@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/coolkey-devel