New Implementation Guidance:
- 11.1 Mitigation of Other Attacks
- D.4 Requirements for Vendor Affirmation of NIST SP 800-56B
- D.5 Requirements for Vendor Affirmation of NIST SP 800-108
- D.6 Requirements for Vendor Affirmation of NIST SP 800-132
- D.7 Requirements for Vendor Affirmation of NIST SP 800-135
- G.3 Partial Validations and Not Applicable Areas of FIPS 140-2
- Modified in regard to new IG 11.1
- G.6 Modules with both a FIPS mode and a non-FIPS mode
- Clarification that all implemented algorithms shall be referenced on the validation certificate.
- G.8 Revalidation Requirements
- Added security policy requirements for revalidation Scenarios 1 and 4
- G.13 Instructions for Validation Information Formatting
- Added examples for CVL and KTS
- 1.4 Binding of Cryptographic Algorithm Validation Certificates
- Added examples of an operational environment change
- D.1 CAVP Requirements for Vendor Affirmation of NIST SP 800-56A
- Modified the testing for primitives
- D.2 Acceptable Key Establishment Protocols
- Modified the transition text and key agreement guidance
No comments:
Post a Comment