NSS 4.0 FIPS enabled for Windows

Hi All,
We are consuming NSS crpto libraries for our project. I had some queries regarding the FIPS compliance for NSS for Windows environment. 

NSS cryptographic libraries ver 4.0 currently is certified for Red Hat Linux based environments as per https://www.cryptsoft.com/fips140/out/cert/2711.html
&& https://www.cryptsoft.com/fips140/out/cert/2721.html

Is there any plan to support the FIPS compliance for Windows OS based environments for the current version? Will the current version be supported for Win platforms in the near future?

If so please share the details. 


Thanks,
Tanay
0
tanayc
1/9/2017 6:36:27 AM
mozilla.dev.security 618 articles. 0 followers. Post Follow

2 Replies
73 Views

Similar Articles

[PageSpeed] 15

On Monday, January 9, 2017 at 11:35:50 PM UTC+5:30, tanaysees wrote:
> Hi All,
> We are consuming NSS crpto libraries for our project. I had some queries regarding the FIPS compliance for NSS for Windows environment. 
> 
> NSS cryptographic libraries ver 4.0 currently is certified for Red Hat Linux based environments as per https://www.cryptsoft.com/fips140/out/cert/2711.html
> && https://www.cryptsoft.com/fips140/out/cert/2721.html
> 
> Is there any plan to support the FIPS compliance for Windows OS based environments for the current version? Will the current version be supported for Win platforms in the near future?
> 
> If so please share the details. 
> 
> 
> Thanks,
> Tanay

+ 1 for this. Anyone have any information on this one?
0
tapas
3/1/2017 4:22:51 AM
Tapas,  Tanay:

I'm not aware of any activity to re-valdiate FIPS for Windows targets at
this time. The last validation on Windows that I'm aware of was in 2009
[1], covering 32-bit Windows XP SP3, according to some of the certificates
at NIST CSRC [2].

It's possible that the previous validation will be sufficient for newer
versions of Windows, depending on the context in which you need to use a
validated module. CMVP would be the best source of guidance on that.

[1] https://wiki.mozilla.org/FIPS2009
[2] http://csrc.nist.gov/groups/STM/cavp/documents/aes/aesval.html#1128

Cheers,
J.C.

On Tue, Feb 28, 2017 at 9:22 PM, <tapas.adhikary@gmail.com> wrote:

> On Monday, January 9, 2017 at 11:35:50 PM UTC+5:30, tanaysees wrote:
> > Hi All,
> > We are consuming NSS crpto libraries for our project. I had some queries
> regarding the FIPS compliance for NSS for Windows environment.
> >
> > NSS cryptographic libraries ver 4.0 currently is certified for Red Hat
> Linux based environments as per https://www.cryptsoft.com/
> fips140/out/cert/2711.html
> > && https://www.cryptsoft.com/fips140/out/cert/2721.html
> >
> > Is there any plan to support the FIPS compliance for Windows OS based
> environments for the current version? Will the current version be supported
> for Win platforms in the near future?
> >
> > If so please share the details.
> >
> >
> > Thanks,
> > Tanay
>
> + 1 for this. Anyone have any information on this one?
> _______________________________________________
> dev-security mailing list
> dev-security@lists.mozilla.org
> https://lists.mozilla.org/listinfo/dev-security
>
0
J
3/2/2017 1:36:26 AM
Reply: