I just upgrade to 1.5 Mozilla Fire Fox, in Tools/Optiond/Security there is an enable FIPS option. What is it and what does it do?
Phil
I just upgrade to 1.5 Mozilla Fire Fox, in Tools/Optiond/Security there is an enable FIPS option. What is it and what does it do?
Phil
No matter what your beliefs are "GOD BLESS AMERICA"
Fully retired marine tech near 60 years in the biz.
Phil, This is from the OSS institute
The US National Institute of Standards and Technology (NIST) publishes the FIPS (Federal Information Processing Standard) series of standards. FIPS 140-1 and FIPS 140-2 are both technical standards and worldwide de-facto standards for the implementation of cryptographic modules. FIPS 140-2 supersedes the prior FIPS 140-1. FIPS 140 is a hardware standard that preceded FIPS 140-1. FIPS 140-2 is a technical standard. The Cryptographic Module Validation Program (CMVP) is a process (Lab accreditation, Derived Test Requirements, Implementation Guidance, etc.) encompassing validation testing for cryptographic module (FIPS 140-2) and cryptographic algorithm (FIPS 46-3, FIPS 180-1, FIPS 186-2, FIPS 197, etc.) implementations. The CMVP is a joint program between the US and Canada used by NIST (USA) and CSE (Canada). US Federal users may still use, retain, and deploy modules validated to FIPS 140-1. The FIPS 140-1 and FIPS 140-2 standards can be found at http://csrc.nist.gov/cryptval/ . Products that have received a NIST/CSE validation are listed on the Cryptographic Module Validation List at http://csrc.nist.gov/cryptval/140-1/1401val.htm. FIPS 140-2 is primarily of interest to U.S., Canadian, and UK government agencies which have formal policies requiring use of FIPS 140 validated cryptographic software. The availability of open source FIPS 140-2 validated cryptography will lower the cost and increase the availability of cryptographic applications for those governments. Usually cryptographic algorithm implementations, not complete applications or products, are FIPS -140-2 validated. Separate algorithm-specific validations of FIPS Approved algorithms are a pre-requisite to the FIPS 140-2 validation of the module in which they reside.
Da Taz
Da Taz
"Speed has never killed anyone. Suddenly becoming stationary will get you every time."
Wes
Wes now that you have totaly baffled me, does enabling it serve any purpose for the avaerage guys Like me?
Phil
No matter what your beliefs are "GOD BLESS AMERICA"
Fully retired marine tech near 60 years in the biz.
Enabling it promotes hair growth
Phil,
If you enable FIPS validation, you most likely will not be able to establish a secure session with every secure website that you try to go to. The websites that you go to (server) and your browser (client) negotiate in order to use the best encryption that both of them mutually support. If you enable FIPS validation and go to a secure website that is not able to use FIPS Validated encryption, then you will get an error and will be unable to connect to that site.
You can think of it like this:
Non-FIPS validated encryption = Good
FIPS Validated encryption = Better
Unless you feel that the Chinese government is trying to intercept your secure login to your favorite porn site, I wouldn't enable FIPS validation, no need to.
Greg Maier
1995 Donzi 22 Blackhawk
Had -0- clue what id did, I noticed it after I upgraded from 1.1 to 1.5, it was something I had not noticed before and was curious. Thanks for the input another thing left well enough alone!!!
Phil
No matter what your beliefs are "GOD BLESS AMERICA"
Fully retired marine tech near 60 years in the biz.
loose fips sink shipsOriginally Posted by MOP
When the sky is grey,look out to sea.
When the waves are high and the light is dying,
well raise a glass and think of me...
When I'm home again,
boys, I'll be buying!
My Ride
Come Join Us on The Queen Of American Lakes
Contact Us
www.lgdonziclassic.com
There are currently 1 users browsing this thread. (0 members and 1 guests)