August 12, 2015

NIST Seeking Public Comments on ISO/IEC 19790:2012

NIST announced today that they are seeking public comments on using ISO/IEC standards for cryptographic algorithm and cryptographic module testing, conformance, and validation activities, currently specified by Federal Information Processing Standard (FIPS) 140-2.

The responses to this request will be used to plan possible changes to the FIPS standard or in a decision to use all or part of ISO/IEC 19790:2012, Security Requirements for Cryptographic Modules, for testing, conformance and validation of cryptographic algorithms and modules.

The comment period is 45 days (September 28, 2015) and all are encouraged to provide feedback.  Seeing as though the next revision of the FIPS standard is long overdue, the hope is that the comments that are provided help NIST converge on a solution.  Even if not all aspects of the current ISO standard are perfect, it is still a big improvement compared to continuing to test to FIPS 140-2.  

2 comments:

  1. Excellent sharing about ISO Standard thank you for sharing.

    ReplyDelete
  2. hi was just seeing if you minded a comment. i like your website and the thme you picked is super. I will be back. PCI DSS toolkit

    ReplyDelete