[dnsdist] Is dnsdist FIPS 140-2 Compliant?
Brian Sullivan
brian.sullivan at lookout.com
Tue Sep 17 13:53:17 UTC 2019
I am not a FIPs expert but a quick read seems to include just software. For
example, openssl has FIPS validated modules?
https://wiki.openssl.org/index.php/FIPS_modules. And by ensuring you are
using a FIPS validated module allows you to say your software is FIPS
"compliant".
Regards,
brian
On Tue, Sep 17, 2019 at 9:44 AM Stephane Bortzmeyer <bortzmeyer at nic.fr>
wrote:
> On Tue, Sep 17, 2019 at 09:14:54AM -0400,
> Brian Sullivan <brian.sullivan at lookout.com> wrote
> a message of 57 lines which said:
>
> > I have a question from our compliance team, is dnsdist FIPS 140-2
> compliant?
>
> I thought that FIPS-140 was about the security of hardware? With
> FIPS-140-2 requiring tamper evidence?
>
--
Brian M. Sullivan
Senior Staff Security Intelligence Engineer
bsullivan at lookout.com | www.lookout.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.powerdns.com/pipermail/dnsdist/attachments/20190917/c51b4cc9/attachment.htm>
More information about the dnsdist
mailing list