crypto: FIPS 200 mode

From: Randy Dunlap
Date: Tue Mar 30 2021 - 18:27:44 EST

Next message: Dmitry Osipenko: "Re: [PATCH v1 2/6] dt-bindings: memory: tegra30: emc: Replace core regulator with power domain"
Previous message: syzbot: "[syzbot] WARNING: suspicious RCU usage in copy_page_range"
Next in thread: Stephan Mueller: "Re: crypto: FIPS 200 mode"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

The Kconfig help text for CRYPTO_FIPS says

config CRYPTO_FIPS
bool "FIPS 200 compliance"
...
help
This option enables the fips boot option which is
required if you want the system to operate in a FIPS 200
certification. You should say no unless you know what
this is.

This seems confusing to me since it says "compliance" in one place and
"certification" in another place. And AFAICT, those two words don't
mean the same thing as far as NIST & FIPS are concerned.

Should it say "compliance" in both places? E.g.

help
This option enables the fips boot option which is
required if you want the system to operate in FIPS 200
compliance mode. You should say no unless you know what
this is.

thanks.
--
~Randy

Next message: Dmitry Osipenko: "Re: [PATCH v1 2/6] dt-bindings: memory: tegra30: emc: Replace core regulator with power domain"
Previous message: syzbot: "[syzbot] WARNING: suspicious RCU usage in copy_page_range"
Next in thread: Stephan Mueller: "Re: crypto: FIPS 200 mode"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]