[Novalug] Neatreceipts??

Bryan J Smith b.j.smith@ieee.org
Sun Sep 6 00:21:50 EDT 2009


On Sat, 2009-09-05 at 17:23 -0400, Rich Goodwin wrote:
> The comments about FIPS compliant address is interesting.  I believe
> compliancy is is based on using a digital signature that complies with
> the FIPS.

That's the point.  That professionals will submit anything that is to be
public with a FIPS-compliant digital signature for authentication
purposes.

> IANAL but it is my understanding that signing a file with a
> FIPS-compliant certificate (or non-FIPS for that matter)

It doesn't have to be a certificate.  It can be another solution than
X.500 certificates.

> meets the GAAP

GAAP is only for accounting, not utilized in many other professions that
are requiring FIPS.  E.g., public land surveys and maps.

> and is or could be argued to be "Best or Reasonable" Business Practices.

Agreed.

> I do not believe using the commercial version of Acrobat to digitally
> sign a file is any different than using gpg to sign the file.

Again, it does not have to be a certificate-based solution.

Even Red Hat has released a FIPS-compliant OpenSSH package and, as I
understand it, is current amid FIPS-certification of its OpenSSH
package.  This is happening with other solutions that do not use X.500
certificates as well.

> It is merely which application does this and is the proper private key
> used in the process.  The end result should be effectively the same.

Again, there are many solutions under FIPS compliance and even FIPS
certification now, or at least in-progress.  Several are not X.500 based
and do not require SSL certificates.

Sounds like someone has been pushing marketing on you.  ;)

Just like ActiveDirectory is _not_ the only directory service that can
be utilized for various compliance with policies.  That too is a farce,
but customers have their own, limited and narrow views on that, and they
are difficult to change.


-- 
Bryan J  Smith         Professional, Technical Annoyance 
Linked Profile:       http://www.linkedin.com/in/bjsmith 
-------------------------------------------------------- 
Only engineers can solve the growing needs of consumers
Stop being "aware" (that's so '70s) and start supporting
real solutions that actually work and sustain the planet






More information about the Novalug mailing list