[swift-server-dev] FIPS certification
drew at sealedabstract.com
Tue Feb 21 18:04:18 CST 2017
On February 21, 2017 at 3:59:13 PM, Gelareh Taban (gtaban at us.ibm.com) wrote:
- Having a compliance tick mark helps Swift adoption in the larger ecosystem, esp if similar guarantees can be made on both macOS and Linux platforms.
I may be misreading something, but I think this guarantee is not even made.
Per , the validation is issued for various configurations with names like "Ubuntu 10.04 running on Intel Pentium T4200 (gcc Compiler Version 4.1.3)" which is, as far as I'm aware, not a supported configuration for Swift. Which of the validated configurations do we intend to support?
Second, my understanding is that the FIPS-validated OpenSSL is not even packaged by e.g. Ubuntu, in part due to the backdoor concerns I raised earlier . Do we intend to package the FIPS module ourselves and distribute to the supported platforms? Or what exactly is a user's path to running a FIPS-validated module? Because `apt-get install openssl`does not tick the box.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the swift-server-dev