MozillaWiki

Security Policy: Difference between revisions

Page Discussion

Security Policy (view source)

Revision as of 20:55, 23 March 2007

5,228 bytes removed ,  23 March 2007
m
no edit summary
mNo edit summary
 
(3 intermediate revisions by the same user not shown)
Line 2: Line 2:


[http://www.mozilla.org/projects/security/pki/nss/fips/secpolicy.pdf Security Policy]
[http://www.mozilla.org/projects/security/pki/nss/fips/secpolicy.pdf Security Policy]
==Authentication Policy==
== Results of FIPS 140-2 Level 2 Validation of NSS Cryptographic Module 3.11.5 ==
<table width="100%" border="1" cellspacing="2" cellpadding="2">
          <tr>
            <td valign="Top" align="Center"><font size="+1"><b>FIPS 140-2<br>Section<br>
            </b></font></td>
            <td valign="Top" align="Center"><font size="+1"><b>Description<br>
            </b></font></td>
            <td valign="Top" align="Center"><font size="+1"><b>Validation<br>      Level <br>Obtained<br>
            </b></font></td>
          </tr>
          <tr>
            <td valign="Top" align="Left"><font size="+1">1.0<br>
            </font></td>
            <td valign="Top"><font size="+1">Cryptographic Module Specification<br>
            </font></td>
            <td valign="Top" align="Center"><font size="+1">2<br>
            </font></td>
          </tr>
          <tr>
            <td valign="Top" align="Left"><font size="+1">2.0<br>
            </font></td>
            <td valign="Top"><font size="+1">Cryptographic Module Ports and Interfaces<br>
            </font></td>
            <td valign="Top" align="Center"><font size="+1">2<br>
            </font></td>
          </tr>
          <tr>
            <td valign="Top" align="Left"><font size="+1">3.0<br>
            </font></td>
            <td valign="Top"><font size="+1">Roles, Services, and Authentication<br>
            </font></td>
            <td valign="Top" align="Center"><font size="+1">2<br>
            </font></td>
          </tr>
          <tr>
            <td valign="Top" align="Left"><font size="+1">4.0<br>
            </font></td>
            <td valign="Top"><font size="+1">Finite State Model<br>
            </font></td>
            <td valign="Top" align="Center"><font size="+1">2<br>
            </font></td>
          </tr>
          <tr>
            <td valign="Top" align="Left"><font size="+1">5.0<br>
            </font></td>
            <td valign="Top"><font size="+1">Physical Security<br>
            </font></td>
            <td valign="Top" align="Center"><font size="+1">2<br>
            </font></td>
          </tr>
          <tr>
            <td valign="Top" align="Left"><font size="+1">6.0<br>
            </font></td>
            <td valign="Top"><font size="+1">Operational Enviroment<br>
            </font></td>
            <td valign="Top" align="Center"><font size="+1">2<br>
            </font></td>
          </tr>
          <tr>
            <td valign="Top" align="Left"><font size="+1">7.0<br>
            </font></td>
            <td valign="Top"><font size="+1">Cryptographic Key Management<br>
            </font></td>
            <td valign="Top" align="Center"><font size="+1">2<br>
            </font></td>
          </tr>
          <tr>
            <td valign="Top" align="Left"><font size="+1">8.0<br>
            </font></td>
            <td valign="Top"><font size="+1">EMI/EMC<br>
            </font></td>
            <td valign="Top" align="Center"><font size="+1">2<br>
            </font></td>
          </tr>
          <tr>
            <td valign="Top" align="Left"><font size="+1">9.0<br>
            </font></td>
            <td valign="Top"><font size="+1">Self-Tests<br>
            </font></td>
            <td valign="Top" align="Center"><font size="+1">2</font><br>
            </td>
          </tr>
          <tr>
            <td valign="Top" align="Left"><font size="+1">10.0<br>
            </font></td>
            <td valign="Top"><font size="+1">Design Assurance<br>
            </font></td>
            <td valign="Top" align="Center"><font size="+1">2<br>
            </font></td>
          </tr>
            <tr>
            <td valign="Top" align="Left"><font size="+1">11.0<br>
            </font></td>
            <td valign="Top"><font size="+1">Mitigation of Other Attacks<br>
            </font></td>
            <td valign="Top" align="Center"><font size="+1">2<br>
            </font></td>
          </tr>
          <tr>
            <td valign="Top" align="Left"><font size="+1">C<br>
            </font></td>
            <td valign="Top"><font size="+1">Cryptographic Module Security Policy<br>
            </font></td>
            <td valign="Top" align="Center"><font size="+1">2<br>
            </font></td>
          </tr>
</table>
== Platform List ==
* Level 1
** Red Hat Enterprise Linux 4 x86
** Windows XP Service Pack 2
** 64-bit Solaris 10 AMD64
** HP-UX B.11.11 PA-RISC
** Mac OS X 10.4
* Level 2
** Red Hat Enterprise Linux 4 x86_86
** 64-bit Trusted Solaris 8 SPARC
== References ==
[1] P. Kocher, "Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems," CRYPTO '96, Lecture Notes In Computer Science, Vol. 1109, pp. 104-113, Springer-Verlag, 1996. (http://www.cryptography.com/timingattack/)
[2] D. Boneh and D. Brumley, "Remote Timing Attacks are Practical," http://crypto.stanford.edu/~dabo/abstracts/ssl-timing.html.
[3] C. Percival, "Cache Missing for Fun and Profit," http://www.daemonology.net/papers/htt.pdf.
[4] N. Ferguson and B. Schneier, Practical Cryptography, Sec. 16.1.4 "Checking RSA Signatures", p. 286, Wiley Publishing, Inc., 2003.
[[Category:NSS]]
Glen
219

edits

Retrieved from "https://wiki.mozilla.org/Special:MobileDiff/52834...52838"