[jcifs] FIPS compliance for JCIFS

[Marasim]

Christopher R. Hertel <crh <at> ubiqx.mn.org> writes:

> 
> FIPS compliant or Windows compliant?
> 
> Unless someone were to sponsor the testing, I don't know of any way to get
> FIPS accreditation for jCIFS.  In any case, the real goal would be to ensure
> that jCIFS can leverage any and all of the myriad available authentication
> mechanisms supported by Windows CIFS servers.  I don't currently know where
> we are in relation to that latter goal.
> 
> Chris -)-----
> 
> Marasim wrote:
> > I tried searching for this on the forum, but cannot seem to find an answer. 
Is 
> > there a tweak to the JCIFS library that will make it FIPS compliant, 
especially 
> > for authentication to the Windows hosts?
> > 
> > Thanks,
> > Marasim
> > 
> 

Thanks for your reply Chris. My question was more in terms of inherent FIPS 
compliance not necessarily an official accreditation or certification. I do see 
there is a separate JCIFS kerberos package available and that may provide the 
solution (I am still working on figuring it out, there seems to be an example 
class KerberosAuthExample that provides some insight into how this may work). Is 
there a way the default package (maintained more frequently) can be tweaked to 
use FIPS compliant algorithms?

Thanks,
Marasim