This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: [PATCH] manual/crypt.texi: Mention FIPS 140-2 compliance and Secure RPC.
- From: Roland McGrath <roland at hack dot frob dot com>
- To: "Carlos O'Donell" <carlos at redhat dot com>
- Cc: Alexandre Oliva <aoliva at redhat dot com>, GNU C Library <libc-alpha at sourceware dot org>
- Date: Thu, 3 Oct 2013 12:53:45 -0700 (PDT)
- Subject: Re: [PATCH] manual/crypt.texi: Mention FIPS 140-2 compliance and Secure RPC.
- Authentication-results: sourceware.org; auth=none
- References: <524CDC85 dot 5080000 at redhat dot com>
> +@cindex AUTH_DES
@vindex for an identifier.
> +@cindex FIPS 140-2
> It also provides support for Secure RPC, and some library functions that
> -can be used to perform normal DES encryption.
> +can be used to perform normal DES encryption. The use of DES when
> +using @code{AUTH_DES} in Secure RPC for authentication as provided by
> +@theglibc{} is not FIPS 140-2 compliant nor is any other use of DES
> +within @theglibc{}. It is recommended that Secure RPC should not be used
> +for systems that need to be FIPS 140-2 compliant since all forms of
> +supported authentication use normal DES.
Two spaces between sentences. "is not FIPS 140-2 compliant" is a bit
awkward, especially since to my eye it should be "blah-compliant" rather
than "blah compliant". I think "does not comply with FIPS 140-2" works
better (and "need to comply with FIPS 140-2" later).