We need to rework FIPS mode in Samba

Aleksandar Kostadinov akostadinov at gmail.com
Fri Mar 18 19:00:31 UTC 2022


It is good for Samba to have some switch for enabling only secure
algorithms. But I don't think it has to be implemented by the FIPS mode.
Some newer secure ciphers can yet be unaccepted in a FIPS standard. FIPS
doesn't mean highest security. It just means the FIPS standard.

On Fri, Mar 18, 2022 at 8:36 PM Andrew Bartlett <abartlet at samba.org> wrote:

> Correct, Samba can't be FIPS compliant, but we can avoid using known
> poor cryptography not for certification purposes, but for sensible
> 'secure by default' or at least 'can be configured to be sensibly
> secure' design principles.
>
> Just as you wouldn't offer SSLv3 even when the host is not FIPS-140
> certified.
>
> Samba's CI system runs on an Ubuntu 20.04 base for the majority of the
> tests (as mentioned, we run a tiny number of tests in a Fedora 35
> environment to test "FIPS mode"), but most importantly the final
> autobuild is under the Ubuntu 20.04 platform, so we should ensure that
> our tests are run there when possible.
>
> I'm quite disappointed that the "FIPS mode" in GnuTLS is optional in this
> way - also denying any application or administrator the opportunity to
> opt out of weak ciphers on a per-app basis - but that is life.
>
> Andrew Bartlett
>
> On Fri, 2022-03-18 at 12:07 +0200, Aleksandar Kostadinov via
> samba-technical wrote:
> > How can Samba be FIPS compliant on a non-FIPS compliant operating system?
> > Might be easier to just run the tests in a FIPS compliant environment.
>
> --
> Andrew Bartlett (he/him)        https://samba.org/~abartlet/
> Samba Team Member (since 2001)  https://samba.org
> Samba Developer, Catalyst IT    https://catalyst.net.nz/services/samba
>
>

