NSSCryptoModuleSpec/Section 1: Cryptographic Module Specification: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
No edit summary |
||
| Line 1: | Line 1: | ||
''This is a draft document'' | |||
{| border="1" cellpadding="2" | |||
|+ | |||
|- | |||
! | |||
Document Description | |||
! | |||
DTR | |||
Section | |||
! | |||
Assessment | |||
! | |||
Status | |||
|- | |||
|'''Approved mode of operation''' || | |||
[http://wiki.mozilla.org/VE_01#VE.01.03.01 VE.01.03.01 ] <br> | |||
[http://wiki.mozilla.org/VE_01#VE.01.03.02 VE.01.03.02 ] | |||
|| | |||
[http://www.mozilla.org/projects/security/pki/nss/fips/secpolicy.pdf Security Policy Rule 33] <br> | |||
[http://wiki.mozilla.org/FIPS_Module_Specification#Approved_Mode_of_Operation Approved Mode of Operation] | |||
|| Draft | |||
|- | |||
|'''Processor interfaces''' | |||
| [http://wiki.mozilla.org/VE_01#VE.01.06.01 VE.01.06.01 ]<br> [http://wiki.mozilla.org/VE_01#VE.01.06.02 VE.01.06.02 ] | |||
| (N/A) NSS is a software cryptographic module that runs on a general purpose computer. || Draft | |||
|- | |||
|'''Modules Components''' | |||
| [http://wiki.mozilla.org/VE_01#VE.01.08.01 VE.01.08.01 ] <br> [http://wiki.mozilla.org/VE_01#VE.01.08.02 VE.01.08.02 ] | |||
| [http://wiki.mozilla.org/FIPS_Module_Specification#Module_Components Module Components]|| Draft | |||
|- | |||
|'''Cryptographic Boundary'''|| | |||
[http://wiki.mozilla.org/VE_01#VE.01.08.03 VE.01.08.03 ] <br> | |||
[http://wiki.mozilla.org/VE_01#VE.01.08.04 VE.01.08.04 ] <br> | |||
[http://wiki.mozilla.org/VE_01#VE.01.08.05 VE.01.08.05 ] | |||
| [http://wiki.mozilla.org/FIPS_Module_Specification#The_Cryptographic_Boundary Cryptographic Boundary]|| Draft | |||
|- | |||
|'''Physical Description'''|| | |||
[http://wiki.mozilla.org/VE_01#VE.01.08.06 VE.01.08.06 ] <br> | |||
[http://wiki.mozilla.org/VE_01#VE.01.08.07 VE.01.08.07 ] | |||
| (N/A) a general purpose computer || Draft | |||
|- | |||
|'''Excluded Components'''|| | |||
[http://wiki.mozilla.org/VE_01#VE.01.09.01 VE.01.09.01 ] <br> | |||
[http://wiki.mozilla.org/VE_01#VE.01.09.02 VE.01.09.02 ] | |||
| [http://wiki.mozilla.org/FIPS_Module_Specification#Module_Components Module Components]|| Draft | |||
|- | |||
|'''Algorithm Certificates'''|| | |||
[http://wiki.mozilla.org/VE_01#VE.01.12.01 VE.01.12.01 ] <br> | |||
[http://wiki.mozilla.org/VE_01#VE.01.12.02 VE.01.12.02 ] | |||
| [http://wiki.mozilla.org/FIPS_Validation#Algorithms Approved Algorithms] | |||
Non-Approved algorithms may only be used in non-FIPS mode, unless an exception is noted: | |||
* MD2 | |||
* MD5: may be used in the TLS pseudo-random function (PRF) in FIPS mode | |||
* DES: may be used for interoperation with legacy systems in FIPS mode | |||
* RC2 | |||
* RC4 | |||
|| Draft | |||
|- | |||
|'''Hardware Diagrams'''|| | |||
[http://wiki.mozilla.org/VE_01#VE.01.13.01 VE.01.13.01 ] <br> | |||
[http://wiki.mozilla.org/VE_01#VE.01.13.02 VE.01.13.02 ] <br> | |||
[http://wiki.mozilla.org/VE_01#VE.01.13.03 VE.01.13.03 ] | |||
| [http://wiki.mozilla.org/FIPS_Module_Specification#Hardware_Diagram Hardware Diagram] || Draft | |||
|- | |||
|'''Block Diagram'''|| | |||
[http://wiki.mozilla.org/VE_01#VE.01.13.04 VE.01.13.04 ] | |||
| The physical cryptographic boundary of the NSS module surrounds all the components of the general purpose computer. The logical cryptographic boundary is shown in [http://wiki.mozilla.org/FIPS_Module_Specification#The_Cryptographic_Boundary Cryptographic Boundary] | |||
|| Draft | |||
|- | |||
|'''Design Specification'''|| | |||
[http://wiki.mozilla.org/VE_01#VE.01.14.01 VE.01.14.01 ] | |||
|The design of the software contained in the NSS module is specified in [http://wiki.mozilla.org/FIPS_Module_Specification#Design_Specification Design Specification] || Draft | |||
|- | |||
|'''Security Policy'''|| | |||
[http://wiki.mozilla.org/VE_01#VE.01.15.01 VE.01.15.01 ] <br> | |||
[http://wiki.mozilla.org/VE_01#VE.01.16.01 VE.01.16.01 ] | |||
| [http://wiki.mozilla.org/FIPS_Module_Specification#Security-Related_Information Security-Related Information] <br> [http://www.mozilla.org/projects/security/pki/nss/fips/secpolicy.pdf Security Policy] | |||
|| Draft | |||
|} | |||
Return to: [[NSSCryptoModuleSpec]] | |||
Revision as of 18:56, 9 March 2007
This is a draft document
|
Document Description |
DTR Section |
Assessment |
Status |
|---|---|---|---|
| Approved mode of operation | Draft | ||
| Processor interfaces | VE.01.06.01 VE.01.06.02 |
(N/A) NSS is a software cryptographic module that runs on a general purpose computer. | Draft |
| Modules Components | VE.01.08.01 VE.01.08.02 |
Module Components | Draft |
| Cryptographic Boundary | Cryptographic Boundary | Draft | |
| Physical Description | (N/A) a general purpose computer | Draft | |
| Excluded Components | Module Components | Draft | |
| Algorithm Certificates | Approved Algorithms
Non-Approved algorithms may only be used in non-FIPS mode, unless an exception is noted:
|
Draft | |
| Hardware Diagrams | Hardware Diagram | Draft | |
| Block Diagram | The physical cryptographic boundary of the NSS module surrounds all the components of the general purpose computer. The logical cryptographic boundary is shown in Cryptographic Boundary | Draft | |
| Design Specification | The design of the software contained in the NSS module is specified in Design Specification | Draft | |
| Security Policy | Security-Related Information Security Policy |
Draft |
Return to: NSSCryptoModuleSpec