FIPS certification
Ken Raeburn
raeburn at MIT.EDU
Sat Feb 28 00:46:48 EST 2009
On Feb 28, 2009, at 00:29, Randy Turner wrote:
> I haven't completely analyzed MIT Kerberos, but I was wondering if
> it would be possible to get the MIT Kerberos subsystem to use the
> OpenSSL crypto API for any cryptographic support needed for Kerberos?
Not trivially. There's no reason it couldn't be adapted to the
OpenSSL crypto API (or the Apple CommonCrypto API, or anybody else's,
providing they provide all the basic functions), and it's been
discussed before, but the work hasn't been done yet.
> I'm assuming that MIT Kerberos has not been FIPS certified.
That's correct.
Ken
--
Ken Raeburn, Senior Programmer Analyst
MIT Kerberos Consortium http://www.kerberos.org/
More information about the Kerberos
mailing list