ad-assurance - [AD-Assurance] RE: http://support.microsoft.com/kb/811833
Subject: Meeting the InCommon Assurance profile criteria using Active Directory
List archive
- From: Brian Arkills <>
- To: "" <>
- Subject: [AD-Assurance] RE: http://support.microsoft.com/kb/811833
- Date: Fri, 26 Apr 2013 16:51:11 +0000
- Accept-language: en-US
- Authentication-results: sfpop-ironport01.merit.edu; dkim=neutral (message not signed) header.i=none
Here's that contact name ... From: [mailto:]
On Behalf Of Brian Arkills Answer from Tim Myers (Security Program Manager | Common Criteria and FIPS 140-2 Security Evaluations):
FIPS local policy doesn’t appear to impact PEK encryption. Ultimately, the Windows OS source code is the source of the answer. We probably want to keep Tim's name handy for other questions. From:
[]
On Behalf Of Brian Arkills I sent the following question off to the DS MVPs and AD product team representatives. I've gotten a response back that there is a special FIPS mailing list within Microsoft where my question has been sent along
to. I'll let folks know if/when I get something back on this. From: Brian Arkills
Does anyone know whether this FIPS setting also affects the encryption used by Active Directory for password encryption (and for the PEK encryption)? I suspect it doesn't, but I'd be really happy to learn that it does. :) If it doesn't, I think the KB should be modified to note that it doesn't affect all encryption processes that Windows uses so it isn't misleading. -B |
- [AD-Assurance] RE: http://support.microsoft.com/kb/811833, Brian Arkills, 04/26/2013
- [AD-Assurance] RE: http://support.microsoft.com/kb/811833, Capehart,Jeffrey D, 04/26/2013
Archive powered by MHonArc 2.6.16.