All of lore.kernel.org
 help / color / mirror / Atom feed
From: Arno Wagner <arno@wagner.name>
To: dm-crypt@saout.de
Subject: Re: [dm-crypt] Is dm-crypt LUKS  FIPS 140-2 compliant
Date: Tue, 20 Mar 2012 17:23:09 +0100	[thread overview]
Message-ID: <20120320162309.GA3973@tansi.org> (raw)
In-Reply-To: <1332260115.31684.YahooMailNeo@web130102.mail.mud.yahoo.com>

That is a bit difficult to answer. It seems that 
LUKS is indeed FIPS 140-1 compliant. However it is
not FIPS 140-1 certified (and once a specific implementation
is, it cannot be changed anymore without losing
that certification it seems). 

AFAIK there are efforts underway to get a specific 
implementation (RHEL6) certified. If you go into the
mailing lost archive at
 http://dir.gmane.org/gmane.linux.kernel.device-mapper.dm-crypt
and search for "FIPS", you can find more on this question.

Arno


On Tue, Mar 20, 2012 at 09:15:15AM -0700, Alex Szczuka wrote:
> ?
> Hi,
> ?
> ?My question is about???FIPS certification.? 
> ?Is the dm-crypt LUKS FIPS 140 compliant? or? is 
> it going to be in? the future?
> ?
> Thanks? 
> Alex

> _______________________________________________
> dm-crypt mailing list
> dm-crypt@saout.de
> http://www.saout.de/mailman/listinfo/dm-crypt


-- 
Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email: arno@wagner.name 
GnuPG:  ID: 1E25338F  FP: 0C30 5782 9D93 F785 E79C  0296 797F 6B50 1E25 338F
----
One of the painful things about our time is that those who feel certainty 
are stupid, and those with any imagination and understanding are filled 
with doubt and indecision. -- Bertrand Russell 

      reply	other threads:[~2012-03-20 16:23 UTC|newest]

Thread overview: 2+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2012-03-20 16:15 [dm-crypt] Is dm-crypt LUKS FIPS 140-2 compliant Alex Szczuka
2012-03-20 16:23 ` Arno Wagner [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20120320162309.GA3973@tansi.org \
    --to=arno@wagner.name \
    --cc=dm-crypt@saout.de \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.