On 12/1/06, Kyle Hamilton aerowolf@gmail.com wrote:
I see from the pre-val list that RedHat/Sun have a newer version of NSS (I can't recall which version) in pending review (i.e., testing is done & it has a recommendation) for both level 2 and level 1. Is there something different that NSS has done that OpenSSL did not, aside from the validation of source vs. validation of object?
This I don't know. I'm not a member of the FIPS administration/development list. However, as RedHat is one of the sponsors for it, perhaps you could find out from their support team? (I would like to know, actually. I'm looking at the 140-2 document, describing what would be necessary -- "locks or tamper evidence" is the part that software-only systems cannot do.)
RedHat tells me:
NSS 3.11.4 is what's currently being evaluated. The level 2 eval is on trusted platforms (Trusted Solaris and a Trusted Linux built on RHEL4).
-- Tim