Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-49525

[RFE] support FIPS-186-5 (eddsa) (RHCS / NSS)

Linking RHIVOS CVEs to...Migration: Automation ...SWIFT: POC ConversionSync from "Extern...XMLWordPrintable

    • Medium
    • rhel-idm-pki
    • ssg_idm
    • 0.1
    • False
    • False
    • Hide

      None

      Show
      None
    • Yes
    • None
    • None
    • None
    • If docs needed, set a value
    • None
    • 57,005

      Description of problem:

      this is a really wide statement: support FIPS-186-5

      we "only" reference and support FIPS-186-4 from July 2013 in the install guide at
      "
      https://access.redhat.com/documentation/en-us/red_hat_certificate_system/10/pdf/planning_installation_and_deployment_guide/Red_Hat_Certificate_System-10-Planning_Installation_and_Deployment_Guide-en-US.pdf
      3.2. ALLOWED KEY ALGORITHMS AND THEIR SIZES
      "

      FIPS-186-5 has been superseding FIPS-186-4 since October 2019

      I do not know all the differences and implications, but this should be explored.

      For example, one public sector customer has a requirement for "Edwards-Curve Digital Signature Algorithm" / EdDSA support, which we do not have in NSS.

      Version-Release number of selected component (if applicable):
      RHCS-10 on RHEL-8

      How reproducible:

      Steps to Reproduce:
      1.
      2.
      3.

      Actual results:

      Expected results:

      Additional info:

              rhn-support-msauton Marc Sauton
              rhn-support-msauton Marc Sauton
              Robert Relyea Robert Relyea
              Alexander Sosedkin Alexander Sosedkin
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: