Steve Marquess
writes:
>> Are you certain? For a user-space component like OpenSSL, this is
>> obviously true, but I think you could argue that a kernel module's
>> "Operational Environment" has no relation to the Linux distro, only to
>> the kernel it's loaded by and the hardware architecture (
On 03/27/2015 04:45 AM, Henrik Grindal Bakken wrote:
> Steve Marquess
> writes:
>
>>> If the CMVP bureaucracy insists on a specific kernel version
>>> for the platform number, this should be one of the "Long Term
>>> Support" kernel releases to maximize longevity (assuming that
>>> regular OS pat
Steve Marquess
writes:
>> If the CMVP bureaucracy insists on a specific kernel version
>> for the platform number, this should be one of the "Long Term
>> Support" kernel releases to maximize longevity (assuming that
>> regular OS patching within a version number is still accepted
>> as "same pla
On 26/03/2015 22:29, Steve Marquess wrote:
On 03/26/2015 01:41 PM, Jakob Bohm wrote:
On 26/03/2015 16:56, Steve Marquess wrote:
On 03/26/2015 11:30 AM, John Foley wrote:
We looked at this very briefly a couple of years ago. In theory, there
may be a way to achieve the goal as a loadable kerne
On 03/26/2015 01:41 PM, Jakob Bohm wrote:
> On 26/03/2015 16:56, Steve Marquess wrote:
>> On 03/26/2015 11:30 AM, John Foley wrote:
>>> We looked at this very briefly a couple of years ago. In theory, there
>>> may be a way to achieve the goal as a loadable kernel module (a.k.a.
>>> device driver)
On 26/03/2015 16:56, Steve Marquess wrote:
On 03/26/2015 11:30 AM, John Foley wrote:
We looked at this very briefly a couple of years ago. In theory, there
may be a way to achieve the goal as a loadable kernel module (a.k.a.
device driver). The idea would be to have a kernel module that provid
On 03/26/2015 01:00 PM, Marcus Meissner wrote:
> ...
>>
>> Unfortunately FIPS 140-2 validation conflicts rather violently with open
>> source software (and with software engineering best practice in general,
>> for that matter). Even if some benevolent benefactor ponied up the
>> quarter megabuck i
On Thu, Mar 26, 2015 at 10:57:28AM -0400, Steve Marquess wrote:
> On 03/25/2015 06:26 PM, jone...@teksavvy.com wrote:
> > On Wed, 25 Mar 2015 17:03:04 -0400
> > Steve Marquess wrote:
> >
> >> I wasn't aware the Linux kernel (the real one, not proprietary
> >> commercial derivatives) had a "FIPS"
On 03/26/2015 11:30 AM, John Foley wrote:
> We looked at this very briefly a couple of years ago. In theory, there
> may be a way to achieve the goal as a loadable kernel module (a.k.a.
> device driver). The idea would be to have a kernel module that provides
> crypto support. This kernel module
We looked at this very briefly a couple of years ago. In theory, there
may be a way to achieve the goal as a loadable kernel module (a.k.a.
device driver). The idea would be to have a kernel module that provides
crypto support. This kernel module would be the FIPS object module,
with the FIP
On 03/25/2015 06:26 PM, jone...@teksavvy.com wrote:
> On Wed, 25 Mar 2015 17:03:04 -0400
> Steve Marquess wrote:
>
>> I wasn't aware the Linux kernel (the real one, not proprietary
>> commercial derivatives) had a "FIPS" mode. Please enlighten me.
>
> It could very well be that the word 'mode' i
On Wed, 25 Mar 2015 17:03:04 -0400
Steve Marquess wrote:
> I wasn't aware the Linux kernel (the real one, not proprietary
> commercial derivatives) had a "FIPS" mode. Please enlighten me.
It could very well be that the word 'mode' is not the right one.
'option' would perhaps be better. This art
On 03/25/2015 04:12 PM, jonetsu wrote:
> Hello,
>
> This is not about OpenSSL, although from experience, maybe some know
> the answer. Does anyone know if actual documentation exists for the
> Linux kernel FIPS mode apart from the source itself ? There is
> nothing in Documentation/ as per 3.18.2
On Wed, Mar 25, 2015 at 4:12 PM, jonetsu wrote:
> Hello,
>
> This is not about OpenSSL, although from experience, maybe some know the
> answer. Does anyone know if actual documentation exists for the Linux kernel
> FIPS mode apart from the source itself ? There is nothing in Documentation/
>
Hello,
This is not about OpenSSL, although from experience, maybe some know the
answer. Does anyone know if actual documentation exists for the Linux kernel
FIPS mode apart from the source itself ? There is nothing in Documentation/ as
per 3.18.2. - thanks.
Regards.
_
15 matches
Mail list logo