linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* crypto: FIPS 200 mode
@ 2021-03-30 22:26 Randy Dunlap
  2021-03-31  7:51 ` Stephan Mueller
  0 siblings, 1 reply; 2+ messages in thread
From: Randy Dunlap @ 2021-03-30 22:26 UTC (permalink / raw)
  To: Linux Crypto Mailing List, Herbert Xu, David Miller; +Cc: LKML


The Kconfig help text for CRYPTO_FIPS says

config CRYPTO_FIPS
	bool "FIPS 200 compliance"
...
	help
	  This option enables the fips boot option which is
	  required if you want the system to operate in a FIPS 200
	  certification.  You should say no unless you know what
	  this is.

This seems confusing to me since it says "compliance" in one place and
"certification" in another place. And AFAICT, those two words don't
mean the same thing as far as NIST & FIPS are concerned.


Should it say "compliance" in both places?  E.g.

	help
	  This option enables the fips boot option which is
	  required if you want the system to operate in FIPS 200
	  compliance mode.  You should say no unless you know what
	  this is.


thanks.
-- 
~Randy


^ permalink raw reply	[flat|nested] 2+ messages in thread
* Re: crypto: FIPS 200 mode
  2021-03-30 22:26 crypto: FIPS 200 mode Randy Dunlap
@ 2021-03-31  7:51 ` Stephan Mueller
  0 siblings, 0 replies; 2+ messages in thread
From: Stephan Mueller @ 2021-03-31  7:51 UTC (permalink / raw)
  To: Randy Dunlap, Linux Crypto Mailing List, Herbert Xu, David Miller; +Cc: LKML

Am Dienstag, dem 30.03.2021 um 15:26 -0700 schrieb Randy Dunlap:
> 
> The Kconfig help text for CRYPTO_FIPS says
> 
> config CRYPTO_FIPS
>         bool "FIPS 200 compliance"
> ...
>         help
>           This option enables the fips boot option which is
>           required if you want the system to operate in a FIPS 200
>           certification.  You should say no unless you know what
>           this is.
> 
> This seems confusing to me since it says "compliance" in one place and
> "certification" in another place. And AFAICT, those two words don't
> mean the same thing as far as NIST & FIPS are concerned.
> 
> 
> Should it say "compliance" in both places?  E.g.
> 
>         help
>           This option enables the fips boot option which is
>           required if you want the system to operate in FIPS 200
>           compliance mode.  You should say no unless you know what
>           this is.

Sounds good to me.

Ciao
Stephan
> 
> 
> thanks.



^ permalink raw reply	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2021-03-31  7:52 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-03-30 22:26 crypto: FIPS 200 mode Randy Dunlap
2021-03-31  7:51 ` Stephan Mueller

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).