[ntp:security] The latest ntp does not support a FIPS-compliant

Terry.Lemons at dell.com Terry.Lemons at dell.com
Tue Dec 10 21:31:49 UTC 2019


I'm using ntp 4.2.8p13 on SLES 12 SP4 in my environment. Looking at 'man ntp-keygen', I read "If compatibility with FIPS 140-2 is required, either the DSA-SHA or DSA-SHA1 scheme must be used".  This is no longer accurate, as SHA-1 for signature generation is not FIPS approved anymore.

Are there plans to support a FIPS 140-2 - compliant signature encryption/message digest pairing(s)?


Terry Lemons

Data Protection Division

176 South Street, MS 2/B-34
Hopkinton MA 01748
terry.lemons at dell.com<mailto:terry.lemons at dell.com>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ntp.org/private/security/attachments/20191210/b2400797/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 2117 bytes
Desc: image001.png
URL: <http://lists.ntp.org/private/security/attachments/20191210/b2400797/attachment.png>

More information about the security mailing list