[Mono-dev] FIPS 140 cryptography
vgiszpenc at dsci.com
Thu Oct 11 11:04:54 EDT 2007
> No. The short story is that "it's a big, long and costly project" and
> that there's been, so far, not many demand for it (wrt to other Mono
I agree that there are more pressing needs, but it never hurts to voice
own so they are recognized. I am a big Mono proponent, but it is
to compete with Java on maturity of tools.
> While it's less elegant (imho) you can still use FIPS140 certified
> crypto in Mono by wrapping an existing toolkit (e.g. nss) in C# 
> using this as a replacement  for Mono's crypto (split in both
> Mono.Security and mscorlib).
The Java community has JSS. Would asking for a MonoSS be asking too
That seems like a big project as well. This is not even what I am
looking for. I need SSH. I found the capability in SharpSSH, but in
for me to make certification labs happy, I need the encryption used in
SSH implementation to be FIPS 140 compliant.
>  which is exactly what MS is doing on Windows: the FIPS140 crypto
> comes from CryptoAPI (managed stuff isn't certified) and wrapped in
> class library.
>  it's possible to remap cryptographic algorithms using
> (so all mono tools and *correctly* written applications/libraries will
> be using your own crypto).
That is nice for Windows, but I am targeting Linux. I would love to
some config file at NSS. Is there any chance such a thing will happen?
I am a little peon doing R&D hoping to move the Army toward accepting
Any help you can give me would be much appreciated!
DSCI Contractor Supporting
US Army CERDEC S&TCD IAD Tactical Network Protection Branch
More information about the Mono-devel-list