On 7/7/2015 1:50 PM, Bill Bogstad wrote:
Unless the FIPS certifying agency does code audits,
Which it must:
http://csrc.nist.gov/publications/fips/fips140-2/fips1402.pdf
Source code examination is a requirement for FIPS 140-2 cryptographic
module certification with higher security levels requiring additional
documentation and specifications. Consumer and enterprise SEDs are
usually Security Level 2 and the security profiles are matters of public
record.
--
Rich P.
_______________________________________________
Discuss mailing list
Discuss@blu.org
http://lists.blu.org/mailman/listinfo/discuss