Monday, February 25, 2008

Domino is Federal Information Processing Standard (FIPS)

Found here
Sales guys, go tell customers MS is full of FUD again.

From the online updated information on Lotus Notes/Domino 8.0.1.
Note that although the code is included and acceptable for Windows, for some reason it is not acceptable when used in non-Windows environments running Domino.

AES encryption
The Advanced Encryption Standard (AES) algorithm is optionally available for use with some encryption features. The AES algorithm is widely used and is approved by Federal Information Processing Standard (FIPS) 140-2. AES is currently available for ID file encryption, mail and document encryption, single sign-on configuration using the LtpaToken2 format, and SSL cipher configuration.

FIPS 140-2 certification
FIPS regulates cryptography and the use of cryptographic libraries. The cryptographic library is the .dll that stores encryption algorithms, and cryptographic libraries, not the applications that use them, can be FIPS 140-2 certified. Starting with release 8.0.1, the cryptographic library provided with Notes and Domino on the 32-bit Microsoft Windows platform is FIPS 140-2 certified. Although the cryptographic libraries on Notes and Domino 8.0.1 on platforms other than 32-bit Windows are not FIPS 140-2 certified, those libraries nevertheless include the FIPS 140-2 approved AES algorithm.