On Oct 15, 2019, at 12:26 PM, Markus Falb <markus.falb@xxxxxxxx> wrote: > > I guess that I would get A rating from ssllabs. None of my CentOS systems have Internet-facing HTTP, much less HTTPS, so I volunteer you to test it and report back. :) > I read you saying that FIPS 140-2 is not good enough. Apart from age, why? It requires that a conforming application speak only protocols that NIST has approved, and even then, you can only get FIPS 140-2 certification by submitting the software to a third-party validation service, which is very expensive and very time consuming. (I’m seeing numbers like 9 months and US $100,000.) After going through all of that, you aren’t allowed to make *any* changes to the covered parts of the software without going through another validation process. Let’s say you’re a software vendor and someone discovers a vulnerability not caught by the FIPS certification process. You’re a good citizen, so you fix it quickly and release that fix promptly. Then you must re-file for a new certification (more $$$) and then wait for the independent testing lab and NIST to take months to re-certify your software. Meanwhile, those insisting on FIPS mode have to use the known-vulnerable version — which probably has a public CVE filed against it, thus cluing potential attackers into the problem — because the new one isn’t FIPS-certified yet. For another example, elliptic curve crypto is currently getting very popular for various reasons, but not all common curve parameters are NIST-certifiable under FIPS 140-2. If you must communicate with an ECC service using non-certified params, you either cannot run your app in FIPS mode or you have to separately get the other end to become FIPS-certified, which means abandoning those params, which might be better than what you can get under FIPS. Again, I invite you to do a web search for people running into trouble trying to get FIPS-mode apps to communicate with non-FIPS-mode apps. It’s not hard to find people running into problems here. Here’s some I found: https://blogs.technet.microsoft.com/secguide/2014/04/07/why-were-not-recommending-fips-mode-anymore/ https://blogs.oracle.com/security/fips-the-crypto-catch-22 https://bugs.chromium.org/p/chromium/issues/detail?id=194867 If giants like Microsoft, Google, and Oracle are having trouble getting and maintaining their FIPS certifications, what hope do us little guys have? If you don’t like responses from big corporations, here’s some clueful developers discussing the problems: https://news.ycombinator.com/item?id=7635321 I don’t have a problem with independent testing and such per se, but when it’s a regulatory gatekeeper to what software *can* be written and used, it’s a problem when it comes to security. If we’ve learned anything about security in these past decades, it’s that fast reaction to vulnerabilities is critical. _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx https://lists.centos.org/mailman/listinfo/centos