FIPS Module Specification: Difference between revisions

Jump to navigation Jump to search

FIPS Module Specification (view source)

Revision as of 02:17, 20 May 2006

177 bytes added ,  20 May 2006
→‎The Cryptographic Boundary
Line 75: Line 75:


===The Cryptographic Boundary===
===The Cryptographic Boundary===
NSS's PKCS #11 (Cryptoki) implementation forms the cryptographic module. The API itself is considered to define the cryptographic boundary, thus all implementation is considered below the boundary. Also included in this module is the FIPS PKCS #11 token. This is a Cryptoki token designed specifically for FIPS, and allows applications using NSS to operate in a strictly FIPS mode. The diagram below shows the relationship of the layers.
The NSS module is a multiple-chip standalone cryptographic module. The physical boundary of the NSS module is the enclosure of the general purpose computer it runs on.
 
NSS's PKCS #11 (Cryptoki) implementation forms the cryptographic module. The API itself is considered to define the logical cryptographic boundary, thus all implementation is considered below the boundary. Also included in this module is the FIPS PKCS #11 token. This is a Cryptoki token designed specifically for FIPS, and allows applications using NSS to operate in a strictly FIPS mode. The diagram below shows the relationship of the layers.


[[ Image:Fipsmod.png ]]
[[ Image:Fipsmod.png ]]
Wtchang
canmove, Confirmed users
937

edits

Retrieved from "https://wiki.mozilla.org/Special:MobileDiff/26315"

Navigation menu