[Pkg-fedora-ds-maintainers] [libapache2-mod-nss] 37/156: Update to reflect changes to the NSSFIPS directive
Timo Aaltonen
tjaalton-guest at moszumanska.debian.org
Wed Jul 2 13:55:25 UTC 2014
This is an automated email from the git hooks/post-receive script.
tjaalton-guest pushed a commit to branch master
in repository libapache2-mod-nss.
commit 609e2db639062a6eaf66ca0d8275e01fb19fc44b
Author: rcritten <>
Date: Thu Sep 8 14:08:02 2005 +0000
Update to reflect changes to the NSSFIPS directive
---
docs/mod_nss.html | 15 +++++++++++++--
1 file changed, 13 insertions(+), 2 deletions(-)
diff --git a/docs/mod_nss.html b/docs/mod_nss.html
index 3a03c54..1e34846 100644
--- a/docs/mod_nss.html
+++ b/docs/mod_nss.html
@@ -350,8 +350,19 @@ Example</span><br style="font-weight: bold;">
<br>
Enables or disables FIPS 140 mode. This replaces the standard
internal PKCS#11 module with a FIPS-enabled one. It also forces the
-enabled protocols to SSLv3 and TLSv1 and disables all ciphers but the
-FIPS ones.<br>
+enabled protocols to TLSv1 and disables all ciphers but the
+FIPS ones. You may still select which ciphers you would like
+limited to those that are FIPS-certified. Any non-FIPS that are
+included in the NSSCipherSuite entry are automatically disabled.
+The allowable ciphers are:<br>
+<ul>
+<li>rsa_3des_sha</li>
+<li>rsa_des_sha</li>
+<li>fips_3des_sha</li>
+<li>fips_des_sha</li>
+<li>rsa_des_56_sha</li>
+<li>fortezza</li>
+</ul>
<span style="font-weight: bold;"><br>
</span>FIPS is disabled by default.<br>
<span style="font-weight: bold;"><br>
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-fedora-ds/libapache2-mod-nss.git
More information about the Pkg-fedora-ds-maintainers
mailing list