NSSCryptoModuleSpec/Section 1: Cryptographic Module Specification: Difference between revisions

From MozillaWiki
Jump to navigation Jump to search
No edit summary
No edit summary
Line 69: Line 69:
|| Draft
|| Draft
|-
|-
|'''Specification'''||
|'''Design Specification'''||
[http://wiki.mozilla.org/VE_01#VE.01.14.01 VE.01.14.01 ]
[http://wiki.mozilla.org/VE_01#VE.01.14.01 VE.01.14.01 ]
|[http://wiki.mozilla.org/Section_4:_Finite_State_Model Module Specification] || Draft
|[http://wiki.mozilla.org/Section_4:_Finite_State_Model Finite State Model and Description] <br> [http://www.mozilla.org/projects/security/pki/nss/intro.html Introduction to NSS] <br> [http://www.mozilla.org/projects/security/pki/nss/nss-guidelines.html NSS API Guidelines] <br> [http://www.mozilla.org/projects/security/pki/nss/devel/pk11wrap.pdf The pk11wrap layer and the softoken] <br> [http://www.mozilla.org/projects/security/pki/nss/db_formats.html Format of the certificate database] || Draft
|-
|-
|'''Security Policy'''||
|'''Security Policy'''||
[http://wiki.mozilla.org/VE_01#VE.01.15.01 VE.01.15.01 ] <br>
[http://wiki.mozilla.org/VE_01#VE.01.15.01 VE.01.15.01 ] <br>
[http://wiki.mozilla.org/VE_01#VE.01.16.01 VE.01.16.01 ]
[http://wiki.mozilla.org/VE_01#VE.01.16.01 VE.01.16.01 ]
| [http://wiki.mozilla.org/Section_C:_Cryptographic_Security_Policy Security Policy]|| Draft
| Security-related information whose disclosure or modification can compromise the security of the NSS module includes:
* secret and private cryptographic keys
* passwords
[http://wiki.mozilla.org/Security_Policy Security Policy]
|| Draft
|}
|}


Return to: [[NSSCryptoModuleSpec]]
Return to: [[NSSCryptoModuleSpec]]

Revision as of 04:45, 20 May 2006

This is a draft document

Document Description

DTR Section

Assessment

Status

Approved mode of operations

VE.01.03.01
VE.01.03.02

Security Policy
Module Specification

Draft
Processor interfaces VE.01.06.01
VE.01.06.02 		(N/A) NSS is a software cryptographic module that runs on a general purpose computer. Draft
Modules Components VE.01.08.01
VE.01.08.02 		Module Components Draft
Cryptographic Boundary

VE.01.08.03
VE.01.08.04
VE.01.08.05

Cryptographic Boundary Draft
Physical Description

VE.01.08.06
VE.01.08.07

(N/A) a general purpose computer Draft
Excluded Components

VE.01.09.01
VE.01.09.02

Module Components Draft
Alogorithm Certificates

VE.01.12.01
VE.01.12.02

Approved Algorithms

Non-Approved algorithms may only be used in non-FIPS mode, unless an exception is noted:

  • MD2
  • MD5: may be used in the TLS pseudo-random function (PRF) in FIPS mode
  • DES: may be used for interoperation with legacy systems in FIPS mode
  • RC2
  • RC4
 Draft
Hardware Diagrams

VE.01.13.01
VE.01.13.02
VE.01.13.03

(N/A) a block diagram of a general purpose computer Draft
Block Diagram

VE.01.13.04

The physical cryptographic boundary of the NSS module surrounds all the components of the general purpose computer. The logical cryptographic boundary is shown in Cryptographic Boundary Draft
Design Specification

VE.01.14.01

Finite State Model and Description
Introduction to NSS
NSS API Guidelines
The pk11wrap layer and the softoken
Format of the certificate database		 Draft
Security Policy

VE.01.15.01
VE.01.16.01

Security-related information whose disclosure or modification can compromise the security of the NSS module includes:
  • secret and private cryptographic keys
  • passwords

Security Policy

Draft

Return to: NSSCryptoModuleSpec

Retrieved from "https://wiki.allizom.org/index.php?title=NSSCryptoModuleSpec/Section_1:_Cryptographic_Module_Specification&oldid=26332"