Prev-20 Home Next-20 3 msg New in GPG KEY Problem 1 msg new (2007-01-07) keyanalyze results (+sigcheck) 3 msg About FIPS Rephrasing the question \ Stan Rydzewski (4 Jan 2007) . \ Robert J. Hansen (4 Jan 2007) . . \ Werner Koch (5 Jan 2007) 1 msg Error with keyring 4 msg Connecticut DSS Requirements for Electronic Sig... 6 msg signatures using S-Trust smart card 6 msg Import PGP Secret Keys 3 msg gpg-agent: hide my passphrase length 1 msg upgrade errors? 7 msg Still Bad Signatures - KGPG seems broken 2 msg gpg-agent directories in /tmp 3 msg Making Progress, Still having Bad Signatures. 2 msg unable to find valid key for.... 5 msg USB vs Smart Card? 3 msg Signature notations? 6 msg Issues w/Daylight Savings Time in 2007 ? 9 msg gnupg clearsigning question 1 msg compiling gpgme with bcc 1 msg new (2006-12-24) keyanalyze results (+sigcheck) Prev-20 Home Next-20

Prev-Msg Prev-Thread Gnupg-users Jan-2007 Next-Thread Next-Msg Subject: Rephrasing the question Group: Gnupg-users From: Stan Rydzewski Date: 4 Jan 2007 Hello. I am part of a team creating a communcations process by which hospitals would submit files periodically to a government organization in the United States. We were contemplating using GPG as part of this process. A few days ago, one of the hospitals involved stated "The VA requires that all encryption MUST be FIPS140-2 compliant. Do you know if this program is?" Well not only do I not know, I'm not entirely sure how to tell. I asked about this yesterday, but somewhat sketchily. Allow me to elaborate a bit. On the one hand it appears to me that GPG implements algorithms listed here: http://csrc.nist.gov/publications/fips/fips140-2/fips1402annexa.pdf as regards encryption, hashing, and authentication. But on the other hand GPG itself does not seem to be listed here: http://csrc.nist.gov/cryptval/140-1/1401val2003.htm#329 I'm not sure whether it even makes sense to think that it /could/ be on that list. I know this is all very basic stuff but I'm looking for a little guidance here. In searching the archives (yes, got that part) I can find only a few oblique references to FIPS. --Stan Rydzewski _______________________________________________ Gnupg-users mailing list Gnupg-users http://lists.gnupg.org/mailman/listinfo/gnupg-users Prev-Msg Prev-Thread Gnupg-users Jan-2007 Next-Thread Next-Msg

© 2004-2008 readlist.com