[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: PKCS#1 in IKE vs. FIPS certification

To: IP Security List <ipsec@lists.tislabs.com>
Subject: Re: PKCS#1 in IKE vs. FIPS certification
From: Henry Spencer <henry@spsystems.net>
Date: Thu, 15 Mar 2001 12:35:40 -0500 (EST)
In-Reply-To: <3AB0EEC1.87F38D05@F-Secure.com>
Sender: owner-ipsec@lists.tislabs.com

On Thu, 15 Mar 2001, Ari Huttunen wrote:
> I just learned that FIPS will no longer approve the PKCS#1 standard...
> So, will this mean that starting in June it will not be possible to
> create IKE/IPsec products for the US federal market, and use RSA signatures
> or RSA encryption? Or does it mean something else?

No, even in the worst case, it just means that products for the US federal
market have to have two modes:  federal-spec-compliant mode, and actual-use
mode. 

This is far from new.  For purposes of US federal procurement, Windows is
POSIX compliant.  Not that you can actually *do* anything useful with it
when running that way, but technically it meets the spec.

                                                          Henry Spencer
                                                       henry@spsystems.net

References:

PKCS#1 in IKE vs. FIPS certification

From: Ari Huttunen <Ari.Huttunen@F-Secure.com>

Prev by Date: Re: Agenda for the Minneapolis meeting
Next by Date: RE: PKCS #1 in IKE vs. FIPS certification
Prev by thread: PKCS#1 in IKE vs. FIPS certification
Next by thread: RE: PKCS #1 in IKE vs. FIPS certification
Index(es):
- Main
- Thread