[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [security-services] Fwd: SAML Conformance SSL/TLS requirements
>> 1) The terms "FIPS TLS-Capable" and "TLS-Capable" are not defined. What does this mean, precisely. It means that if you have a FIPS implementation you can use the FIPS ciphersuites, otherwise use the corresponding TLS ciphersuites. The wording in the specification was an attempt to say you can use TLS (non-FIPS) ciphersuites or the FIPS equivalents. Didn't want to rule out FIPS implementations from conforming. Perhaps a footnote is required in the compliance document stating this? regards, Frederick Frederick Hirsch Nokia
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]