Date: Thu, 12 Jul 2012 16:10:09 -0500 From: "Wilson, William O" <William.Wilson@unisys.com> To: "freebsd-security@freebsd.org" <freebsd-security@freebsd.org> Subject: FIPS140-2 Message-ID: <99C8B2929B39C24493377AC7A121E21FB032D08A74@USEA-EXCH8.na.uis.unisys.com>
next in thread | raw e-mail | index | archive | help
Greetings, We have a need for a FIPS140-2 compliant FreeBSD kernel plus keymanager. Has anyone done this before? My (na=EFve?) approach is to replace the crypto-dev driver with an openssl = fipscanister based crypto driver, use a second application layer openssl fi= pscanister for the key manager crypto and remove all non-fips crypto from t= he kernel. Unsure if FIPs allows two copies of fipscanister. Design is always easier when one is ignorant. regards THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MA= TERIAL and is thus for use only by the intended recipient. If you received = this in error, please contact the sender and delete the e-mail and its atta= chments from all computers.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?99C8B2929B39C24493377AC7A121E21FB032D08A74>