[4715] in cryptography@c2.net mail archive
Re: obtaining FIPS-140a
daemon@ATHENA.MIT.EDU (jehill@nexis.org)
Fri May 14 17:55:48 1999
From: jehill@nexis.org
Date: Fri, 14 May 1999 13:03:58 -0700
To: Adam Back <aba@dcs.ex.ac.uk>
Cc: cryptography@c2.net, coderpunks@toad.com
In-Reply-To: <199905141906.UAA00750@server.eternity.org>; from Adam Back on Fri, May 14, 1999 at 08:06:03PM +0100
On Fri, May 14, 1999 at 08:06:03PM +0100, Adam Back wrote:
> Anyone who has done this have a feel for how much work and cost is
> involved in obtaining FIPS-140a?
You could just call a FIPS 140 house... There are three of them.
They are listed at the NIST site.
> Are there samples of successful applicant's submitted
> documentation available?
The majority of companies don't release their documents for public
consumption. However, there is a requirement for FIPS 140 that there
be a public Security Policy. These are available through NIST.
Josh
P.S. I work at Infogard Laboratories, one of the FIPS 140 testing labs.
Any view I express is _not_ necessarily the view of my employer.
--
-----------------------------Joshua E. Hill-----------------------------
| It's better to be rich and healthy than poor and sick. |
----------------------------jehill@nexis.org----------------------------
