[dnsdist] Is dnsdist FIPS 140-2 Compliant?

Brian Sullivan brian.sullivan at lookout.com
Tue Sep 17 13:53:17 UTC 2019


I am not a FIPs expert but a quick read seems to include just software. For
example, openssl has FIPS validated modules?
https://wiki.openssl.org/index.php/FIPS_modules. And by ensuring you are
using a FIPS validated module allows you to say your software is FIPS
"compliant".

Regards,
brian

On Tue, Sep 17, 2019 at 9:44 AM Stephane Bortzmeyer <bortzmeyer at nic.fr>
wrote:

> On Tue, Sep 17, 2019 at 09:14:54AM -0400,
>  Brian Sullivan <brian.sullivan at lookout.com> wrote
>  a message of 57 lines which said:
>
> > I have a question from our compliance team, is dnsdist FIPS 140-2
> compliant?
>
> I thought that FIPS-140 was about the security of hardware? With
> FIPS-140-2 requiring tamper evidence?
>


-- 



Brian M. Sullivan
Senior Staff Security Intelligence Engineer
bsullivan at lookout.com |  www.lookout.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.powerdns.com/pipermail/dnsdist/attachments/20190917/c51b4cc9/attachment.htm>


More information about the dnsdist mailing list