[jcifs] FIPS compliance for JCIFS
marasim at gmail.com
Mon Apr 25 18:20:25 MDT 2011
Christopher R. Hertel <crh <at> ubiqx.mn.org> writes:
> FIPS compliant or Windows compliant?
> Unless someone were to sponsor the testing, I don't know of any way to get
> FIPS accreditation for jCIFS. In any case, the real goal would be to ensure
> that jCIFS can leverage any and all of the myriad available authentication
> mechanisms supported by Windows CIFS servers. I don't currently know where
> we are in relation to that latter goal.
> Chris -)-----
> Marasim wrote:
> > I tried searching for this on the forum, but cannot seem to find an answer.
> > there a tweak to the JCIFS library that will make it FIPS compliant,
> > for authentication to the Windows hosts?
> > Thanks,
> > Marasim
Thanks for your reply Chris. My question was more in terms of inherent FIPS
compliance not necessarily an official accreditation or certification. I do see
there is a separate JCIFS kerberos package available and that may provide the
solution (I am still working on figuring it out, there seems to be an example
class KerberosAuthExample that provides some insight into how this may work). Is
there a way the default package (maintained more frequently) can be tweaked to
use FIPS compliant algorithms?
More information about the jCIFS