The information in this article applies to:
SYMPTOMSMicrosoft Cryptography Service Providers (CSPs) do not retain Federal Information Processing Standard (FPIS) 140-1 validations. RESOLUTIONTo resolve this problem, obtain the latest service pack for Windows NT. For additional information, please see the following article in the
Microsoft Knowledge Base: Q152734 How to Obtain the Latest Windows NT 4.0 Service Pack STATUSMicrosoft has confirmed this to be a problem in the Microsoft products listed at the beginning of this article. This problem was first corrected in Windows NT 4.0 Service Pack 6. MORE INFORMATION
FPIS is a U.S. Government standard that provides a benchmark for implementing cryptographic software. It specifies the best practices for implementing cryptoalgorithms, handling key material and data buffers, and working with the operating system. Software vendors submit their products to an evaluation process to demonstrate their implementation of this standard. Other governmental and prominent financial institutions are also beginning to require the FPIS 140-1 validation.
The FIPS process requires vendors of FIPS 140-1 validated CSPs to publish the associated security policy documentation. The security policies for the four Microsoft FIPS 140-1 valiated CSPs can be found at http://www.microsoft.com/security/Issues/FIPS140-1Evaluation.asp. For the latest information about security issues related to Microsoft products, including the FIPS 140-1 validation, please visit the following Microsoft Web site: http://www.microsoft.com/security/ Additional query words: CryptoAPI
Keywords : kbpolicy ntsecurity ntsp kbbug4.00 kbfix4.00 NT4SP6Fix |
Last Reviewed: November 24, 1999 © 2000 Microsoft Corporation. All rights reserved. Terms of Use. |