Re: Fedora Hard Disk Encryption and FIPS 140-2 Compliance

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, 2010-05-24 at 10:42 -0400, Edmon Begoli wrote:
> Does anyone know if Fedora's HD encryption is, or could it be, compliant with
> US NIST requirement for hard disk encryption included in NIST FIPS 140-2?
> 
> http://csrc.nist.gov/groups/STM/cmvp/#05
> 
> Thanks.

FIPS compliance testing is a cumbersome and expensive exercise in
paperwork. It's usually farmed out to a 3rd party "independent lab" for
upwards of $20K per cert. The only open source software project I know
that has successfully obtained FIPS 140-2 compliance certification is
OpenSSL, and they took on the task themselves.

Note that the requirement for FIPS compliance was brought about by FISMA
2002. This law and NIST's implementation have been justly criticized for
their emphasis on paperwork documentation in the certification and
accreditation (C&A) process. Security experts estimate upwards of 80% of
C&A budgets are being wasted on such "binder-ware". A new FISMA 2010 is
making its way through Congress that will change that emphasis to more
practical measures like pen-testing and automated status monitoring.

--Doc Savage
  Fairview Heights, IL

-- 
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux