[prev in list] [next in list] [prev in thread] [next in thread]
List: xmlrpc-user
Subject: [jira] [Commented] (WSS-711) Introduce a system property "fips.enabled" so that WSS4J can work easie
From: "Freeman Yue Fang (Jira)" <jira () apache ! org>
Date: 2024-04-25 20:38:00
Message-ID: JIRA.13577268.1714077152000.40139.1714077480012 () Atlassian ! JIRA
[Download RAW message or body]
[ https://issues.apache.org/jira/browse/WSS-711?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17840968#comment-17840968 \
]
Freeman Yue Fang commented on WSS-711:
--------------------------------------
PR is
https://github.com/apache/ws-wss4j/pull/313
> Introduce a system property "fips.enabled" so that WSS4J can work easier in FIPS \
> mode
> -------------------------------------------------------------------------------------
>
> Key: WSS-711
> URL: https://issues.apache.org/jira/browse/WSS-711
> Project: WSS4J
> Issue Type: New Feature
> Reporter: Freeman Yue Fang
> Assignee: Colm O hEigeartaigh
> Priority: Major
>
> Currently WSS4J has some default security algo settings which are not applicable on \
> FIPS machine. For example AES_CBC, RSA-OAEP and PBEWithMD5AndTripleDES are not FIPS \
> compliant, while we should use AES_GCM, RSA-1_5 and PBEWithHmacSHA512AndAES_256 on \
> FIPS machine. So I propose to introduce a system property "fips.enabled", when this \
> property set as true, the FIPS compliant algos will be used accordingly, and this \
> new introduced system propery won't affect current default behaviour.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ws.apache.org
For additional commands, e-mail: dev-help@ws.apache.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic