-
[FIPS 140-3 Implementation Guidance](https://csrc.nist.gov/CSRC/media/Projects/cryptographic-module-validation-program/documents/fips%20140-3/FIPS%20140-3%20IG.pdf) requires that only EMS KDF in TLS 1…
-
Confirm the following are included in your repo, checking each box:
- [x] completed README.md file with the necessary information
- [x] shim.efi to be signed
- [x] public portion of your certi…
-
I’m not a crypto expert, but couldn’t Go’s TLS stack un-deprecate `ConnectionState.TLSUnique` by implementing [RFC7627](https://tools.ietf.org/html/rfc7627)? In terms of API, when a TLS connection doe…
-
*(As I've sent to the security mailing list three emails, last one over 2 weeks ago, and haven't received anything but automated reply that the email was received, I'm making the issue public here. Wh…
-
|Wazuh version|Component|Install type|Install method|Platform|
|---|---|---|---|---|
| 4.8.0-Beta 2 | Vulnerability Detection | Manager | Packages | Ubuntu 22 |
# Description
During End-to-End…
-
### Description
Our current understanding is that no health tests will alter the data that is accumulated in the observe FIFO. FIPS validation testing, we can use the Firmware Override / Bypass Mode …
-
### Feature request
From python 3.9 hashlib introduced the `usedforsecurity` argument:
> Changed in version 3.9: All hashlib constructors take a keyword-only argument usedforsecurity with default va…
-
When parsing "NIST FIPS 140-2" and rendering it we get "NIST FIPS PUB 140-2"
```ruby
> Pubid::Nist::Identifier.parse("NIST FIPS 140-2").to_s
"NIST FIPS PUB 140-2"
```
There aren't "NIST FIPS PUB …
-
rustls currently depends on *ring* as the only crypto backend.
While *ring* is certainly a good crypto library, it has a poor story regarding backwards compatibility. Additionally, it is staticall…
-
Hi Team,
I am working on validating OpenSearch reporting plugin on version 2.11.0.0 for x86_64 architecture.
Encountered an error while running the integration test with ```./gradlew integTest```.
…