W3C home > Mailing lists > Public > public-xmlsec@w3.org > December 2011

Re: FIPS 140-2 Inquiry Regarding XML Encryption

From: Cantor, Scott <cantor.2@osu.edu>
Date: Sun, 4 Dec 2011 23:26:22 +0000
To: "Frederick.Hirsch@nokia.com" <Frederick.Hirsch@nokia.com>, "public-xmlsec@w3.org" <public-xmlsec@w3.org>
CC: "Jeff.Krug@gtri.gatech.edu" <Jeff.Krug@gtri.gatech.edu>
Message-ID: <CB016B7E.1AB55%cantor.2@osu.edu>
On 12/4/11 6:09 PM, "Frederick.Hirsch@nokia.com"
<Frederick.Hirsch@nokia.com> wrote:
>The original MGF variant whose URL you note uses SHA1. Do you have any
>specific comment on the concerns related to FIPS?

His "base" question is really whether any OAEP transport algorithm is FIPS
compliant. I think it has to be, and if not FIPS probably needs an update.
I suggested he post here  because of the govt contractor types that hang

-- Scott
Received on Sunday, 4 December 2011 23:27:04 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:55:17 UTC