[Cscwg-public] Small typo

Corey Bonnell Corey.Bonnell at digicert.com
Wed Mar 31 16:51:31 UTC 2021 

FWIW, (TLS) BR section 6.2.7 uses the term " FIPS 140 level 3". If we modify the CSBRs to explicitly mention FIPS 140-2 and 140-3 (as opposed to just "FIPS 140"), it would be good to raise this on servercert-wg so we can align on terminology across policy documents.

Thanks,
Corey

-----Original Message-----
From: Cscwg-public <cscwg-public-bounces at cabforum.org> On Behalf Of Dimitris Zacharopoulos (HARICA) via Cscwg-public
Sent: Wednesday, March 31, 2021 3:48 AM
To: Tomas Gustavsson <tomas.gustavsson at primekey.com>; cscwg-public at cabforum.org
Subject: Re: [Cscwg-public] Small typo



On 31/3/2021 10:12 π.μ., Tomas Gustavsson via Cscwg-public wrote:
>
> How about 140-3 then? 140-3 certifications have started we should 
> expect crypto modules with 140-3 appear soonish.
>

I am sure any auditor would consider 140-3 as "equivalent" or better than 140-2 but it's better to be explicit.

Does FIPS keep a structure of levels (2, 3, 4) for the 140-3 certifications as they had for the 140-2? If so, the text could be:

"A hardware crypto module with a unit design form factor certified as conforming to at least FIPS 140-2 Level 2, FIPS 140-3 Level 2, Common Criteria EAL 4+, or equivalent. "

Dimitris.
>
> On 2021-03-31 08:32, Adriano Santoni via Cscwg-public wrote:
>> All,
>>
>> I think I spotted a small typo in the current CSBR.
>>
>> Section 16.3 item 2 reads:
>>
>> "A hardware crypto module with a unit design form factor certified as 
>> conforming to at least FIPS 140 Level 2, Common Criteria EAL 4+, or 
>> equivalent. "
>>
>> That should probably have been:
>>
>> "A hardware crypto module with a unit design form factor certified as 
>> conforming to at least FIPS 140*-2* Level 2, Common Criteria EAL 4+, 
>> or equivalent. "
>>
>> Adriano
>>
>>
>>
>> _______________________________________________
>> Cscwg-public mailing list
>> Cscwg-public at cabforum.org
>> https://lists.cabforum.org/mailman/listinfo/cscwg-public
>>
> _______________________________________________
> Cscwg-public mailing list
> Cscwg-public at cabforum.org
> https://lists.cabforum.org/mailman/listinfo/cscwg-public

_______________________________________________
Cscwg-public mailing list
Cscwg-public at cabforum.org
https://lists.cabforum.org/mailman/listinfo/cscwg-public
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4990 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/cscwg-public/attachments/20210331/4b13d61c/attachment.p7s>

More information about the Cscwg-public mailing list