> > Am newbie to gpg encryption. My question is > > Is gpg FIPS compliance. > > A quick search reveals its not. > > http://lists.gnupg.org/pipermail/gnupg-users/2007-January/030159.html > > Where as in this link its states that libgcrypt is FIPS complaint and its > need to be put in that mode explicitly. > > http://www.gnupg.org/documentation/manuals/gcrypt/Enabling-FIPS-mode.html > > > Since libgcrypt library is being used by gpg tool. can we say that gpg > is fips complaint. > > >
As far as I know, FIPS requirements are quite specific. Library may have been implemented and complaints to FIPS requirement -- but all components would need to be complaints to FIPS to be able to call it FIPS complaint. (and I don't have answer for that...) If your question is if GnuPG is FIPS *certified* then answer is probably no, unless someone has submitted some particular version of GnuPG for certification and passed it. Hideki Saito <hide...@gmail.com> Buzz: hide...@gmail.com Wave: hide...@googlewave.com
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users