From owner-freebsd-questions@freebsd.org Mon Apr 8 18:06:40 2019 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 648E515639F7 for ; Mon, 8 Apr 2019 18:06:40 +0000 (UTC) (envelope-from pathiaki2@yahoo.com) Received: from sonic317-32.consmr.mail.ne1.yahoo.com (sonic317-32.consmr.mail.ne1.yahoo.com [66.163.184.43]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4EC9384658 for ; Mon, 8 Apr 2019 18:06:39 +0000 (UTC) (envelope-from pathiaki2@yahoo.com) X-YMail-OSG: 92cdPMQVM1m5CmkUCZlyrX9wShWiNsp0wVI_hmI_BMPEisUJBYibo9itiu1FoL0 eevpqebGg95f8RdUyKhik_b5.WdPicspp9THSut.UOPtzlneXSXyItz6NM0GpXzWF83C9ZCp0R.X D6F_g.FAi.tAr5bZjYVSU6zeb_E.sT4FaAnVjyeEXKFSupOdccKniqZXK0lpNJT5sx0NRBD1Qh0V FrRaCpXCKpqz_CZ8c.dNyie_hRRoaTEIA5WOc4ACQAv7m84ceFOxBeCsE3h8n8fPuZrU0sxzf9Hb 8VpkJs2MPO416bPkOpuNfv8zDAhf2SJ6Svzl4tI3MY.k9MA.JXjqxiZTRw79pa6pRGu7LROSGyAz HJm1Pw6ohL6tOEIdulFAcT1kPxFWcjvxW85eHkp4ktwd7qJoDEzgl98_Xxb6wrPZopoTW3LDVwUN fB5VVrw2pEc32FxwYTwVKdgeAffWE6JHHoF3TzATfKTSvdOfvfjh0o_e5ZljXKkPBm7Wf5rulfzh Uxpm1FFo2PtZaNsYmF3fdcSdd4Xb8n3GIoPQxTwwDYqU4yTmCUkOjsgMcgHMIXXMfZWj7Uq_BirR 3CqnPK7Ja0ewQvZ9UgHrq3R0W.iORnTj9stjCaw_qH0K3YgDGZFXetOa4ZlzV_fgjkgQYW7SSyQf 99Y662gHBpyxow5okMYb4QWLx8RzF2rTJ7HeeDOdjcfo49akAmbK8lQPvS3X7WHwCzZtdvFm1q9P SaoWAdANoat.fHeMlc8XF99d31InAS0jWZ_5D334OxN52nqvUGH5BxbhJa0xKQaPvnjwMuaequi_ igtYaZ42VzgncwQRRK.oRPs.dx.3M_ZG_oKWKU2BWvIk8l4QuSo5RCEHYgO4EGg2LJMWmA6SVf9M ODR_j8mk9YnJZZbLLaEIq.fbwRfaRtAU3Cpc6zFQ2dZLQThOlvEZj1XCQVtI2nk.0C3F45gh9pQS _jg1WF4lL7wnQkigt0PA_4ltOKE5LLlWcf1FApd_ClZJcmvILeiXiydfprW20dTWUkz9iohJP1ZP bShSupAJvwERp.gKLzahLHX0M9pW.Lzl7pNnQ.a6NipBaqTRM4cKMWWspAHsw40PBisocAn1WcBj jt6ptlUQ6crrv Received: from sonic.gate.mail.ne1.yahoo.com by sonic317.consmr.mail.ne1.yahoo.com with HTTP; Mon, 8 Apr 2019 18:06:37 +0000 Date: Mon, 8 Apr 2019 18:06:37 +0000 (UTC) From: Paul Pathiakis To: FreeBSD Questions Message-ID: <1435534691.18734564.1554746797370@mail.yahoo.com> Subject: NIST and FIPS compliance MIME-Version: 1.0 References: <1435534691.18734564.1554746797370.ref@mail.yahoo.com> X-Mailer: WebService/1.1.13212 YMailNorrin Mozilla/5.0 (Windows NT 6.1; WOW64; rv:60.0) Gecko/20100101 Firefox/60.0 X-Rspamd-Queue-Id: 4EC9384658 X-Spamd-Bar: ++ X-Spamd-Result: default: False [2.49 / 15.00]; ARC_NA(0.00)[]; R_DKIM_ALLOW(-0.20)[yahoo.com:s=s2048]; FROM_HAS_DN(0.00)[]; R_SPF_ALLOW(-0.20)[+ptr:yahoo.com]; FREEMAIL_FROM(0.00)[yahoo.com]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_SPAM_SHORT(0.91)[0.906,0]; NEURAL_SPAM_MEDIUM(0.94)[0.942,0]; RCPT_COUNT_ONE(0.00)[1]; RCVD_TLS_LAST(0.00)[]; TO_DN_ALL(0.00)[]; DKIM_TRACE(0.00)[yahoo.com:+]; MX_GOOD(-0.01)[cached: mta6.am0.yahoodns.net]; RCVD_IN_DNSWL_NONE(0.00)[43.184.163.66.list.dnswl.org : 127.0.5.0]; DMARC_POLICY_ALLOW(-0.50)[yahoo.com,reject]; IP_SCORE(0.88)[ip: (1.83), ipnet: 66.163.184.0/21(1.47), asn: 36646(1.18), country: US(-0.06)]; NEURAL_SPAM_LONG(0.77)[0.770,0]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+]; FREEMAIL_ENVFROM(0.00)[yahoo.com]; ASN(0.00)[asn:36646, ipnet:66.163.184.0/21, country:US]; RCVD_COUNT_TWO(0.00)[2]; DWL_DNSWL_NONE(0.00)[yahoo.com.dwl.dnswl.org : 127.0.5.0] Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.29 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 08 Apr 2019 18:06:40 -0000 Hi all, I find the whole idea of NIST and FIPS to fly in the face of OSS sanity. However, should there not be a switch in all ports and the OS for things to= be built with a FIPS compliant encryption module?=C2=A0 Seriously, like th= e openssl-2.0-fips module? I know it's annoying but the US and Canadian Govts are demanding this of al= l vendors and contractors.=C2=A0 RH/CentOS is already compliant with this s= tupidity and, sadly, I think it should be considered. And, if this was done, it would allow all derivations of the FreeBSD to be = able to access this.=C2=A0 I'm trying for FreeNAS to be used in such an env= ironment. Paul