* crypto: FIPS 200 mode
@ 2021-03-30 22:26 Randy Dunlap
2021-03-31 7:51 ` Stephan Mueller
0 siblings, 1 reply; 2+ messages in thread
From: Randy Dunlap @ 2021-03-30 22:26 UTC (permalink / raw)
To: Linux Crypto Mailing List, Herbert Xu, David Miller; +Cc: LKML
The Kconfig help text for CRYPTO_FIPS says
config CRYPTO_FIPS
bool "FIPS 200 compliance"
...
help
This option enables the fips boot option which is
required if you want the system to operate in a FIPS 200
certification. You should say no unless you know what
this is.
This seems confusing to me since it says "compliance" in one place and
"certification" in another place. And AFAICT, those two words don't
mean the same thing as far as NIST & FIPS are concerned.
Should it say "compliance" in both places? E.g.
help
This option enables the fips boot option which is
required if you want the system to operate in FIPS 200
compliance mode. You should say no unless you know what
this is.
thanks.
--
~Randy
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: crypto: FIPS 200 mode
2021-03-30 22:26 crypto: FIPS 200 mode Randy Dunlap
@ 2021-03-31 7:51 ` Stephan Mueller
0 siblings, 0 replies; 2+ messages in thread
From: Stephan Mueller @ 2021-03-31 7:51 UTC (permalink / raw)
To: Randy Dunlap, Linux Crypto Mailing List, Herbert Xu, David Miller; +Cc: LKML
Am Dienstag, dem 30.03.2021 um 15:26 -0700 schrieb Randy Dunlap:
>
> The Kconfig help text for CRYPTO_FIPS says
>
> config CRYPTO_FIPS
> bool "FIPS 200 compliance"
> ...
> help
> This option enables the fips boot option which is
> required if you want the system to operate in a FIPS 200
> certification. You should say no unless you know what
> this is.
>
> This seems confusing to me since it says "compliance" in one place and
> "certification" in another place. And AFAICT, those two words don't
> mean the same thing as far as NIST & FIPS are concerned.
>
>
> Should it say "compliance" in both places? E.g.
>
> help
> This option enables the fips boot option which is
> required if you want the system to operate in FIPS 200
> compliance mode. You should say no unless you know what
> this is.
Sounds good to me.
Ciao
Stephan
>
>
> thanks.
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2021-03-31 7:52 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-03-30 22:26 crypto: FIPS 200 mode Randy Dunlap
2021-03-31 7:51 ` Stephan Mueller
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).