[Cryptography Team] Todays Meeting update
Cerebus
cerebus2 at gmail.com
Fri Dec 1 13:26:38 UTC 2006
On 12/1/06, Kyle Hamilton <aerowolf at gmail.com> wrote:
> Funny, I've found the opposite. (And I'm on the mailing lists for
> both, as well as the commit lists.) This doesn't necessarily mean
> that your experience is invalid.
It helps that I work for a company that manages an FFRDC supporting a
large PKI. My sponsor has RedHat under a couple of different
contracts that make them, shall we say, amiable to suggestion from
such a source as I. :)
> I have a copy of the OpenSSL FIPS-1.0 code, which I obtained before
> the certification was changed to "Not Available". This means that I
> am able to use it to demonstrate compliance in any binary software
> that I originate, even now -- I have procured it, and the "cannot be
> procured" applies to integrators, not end users. However, anyone who
> did not have the software as of the date it was marked "Not Available"
> cannot use it to demonstrate compliance.
I think this is compelling reason enough to drive implementations
toward NSS. Great information though, and I appreciate the insights.
> The reason for this is because there is a small amount of
> cryptographic code which resides outside the "security boundary" --
> i.e., the HMAC-digitally-signed binary library which is generated at
> OpenSSL-FIPS's compilation time. (There is a message from Dr. Stephen
> N. Henson in the openssl-dev mailing list archives which I can find
> and point you to, dating from either the end of July or sometime in
> the entire month of August, which goes into more detail.)
Please, if only to satisfy my own curiosity.
> It is literally impossible for
> a module in a general-purpose computing system to get anything more
> than a Level 1 validation, simply because general-purpose OSes have
> debugging capability which can examine the contents of memory owned by
> another process or library. A Level 2 validation shows resistance to
> such attacks.)
I see from the pre-val list that RedHat/Sun have a newer version of
NSS (I can't recall which version) in pending review (i.e., testing is
done & it has a recommendation) for both level 2 and level 1. Is
there something different that NSS has done that OpenSSL did not,
aside from the validation of source vs. validation of object?
-- Tim
More information about the Cryptography
mailing list