mace-opensaml-users - Re: [OpenSAML] How to use OpenSAML and maintain FIPS 140-1 compliance?
Subject: OpenSAML user discussion
List archive
- From: "Cantor, Scott E." <>
- To: "" <>
- Subject: Re: [OpenSAML] How to use OpenSAML and maintain FIPS 140-1 compliance?
- Date: Thu, 23 Jun 2011 19:21:49 +0000
- Accept-language: en-US
On 6/23/11 3:13 PM, "Chris Fasbinder"
<>
wrote:
>I am working on a project where we are considering using OpenSAML. The
>product we plan to update currently uses a third party cryptography module
>that has been validated by NIST for FIPS 140-1 compliance. We would like
>to
>continue to use that third party cryptography module for all cryptography
>to
>not require our own validation by NIST, unless the cryptography module
>used by
>OpenSAML has already by validated for FIPS 140-1 compliance. Since my
>company
>discourages employees from viewing third party open source code, I would
>like
>to know how I can plug-in what cryptography module OpenSAML will use. The
>third party cryptography module we currently use does provide a JSSE
>provider.
JSSE is the SSL layer. The crypto in OpenSAML is JCE (and it's pluggable
via that mechanism).
The only place the SSL might come into play is the SOAP client code, Chad
or Brent could speak to that.
-- Scott
- [OpenSAML] How to use OpenSAML and maintain FIPS 140-1 compliance?, Chris Fasbinder, 06/23/2011
- Re: [OpenSAML] How to use OpenSAML and maintain FIPS 140-1 compliance?, Cantor, Scott E., 06/23/2011
- Re: [OpenSAML] How to use OpenSAML and maintain FIPS 140-1 compliance?, Christopher Fasbinder, 06/23/2011
- Re: [OpenSAML] How to use OpenSAML and maintain FIPS 140-1 compliance?, Cantor, Scott E., 06/23/2011
Archive powered by MHonArc 2.6.16.