Any implication on the project's release process to comply with FIPS if it turns on by default?
- Henry On Fri, Feb 26, 2021 at 12:56 PM Anup Ghatage <ghat...@gmail.com> wrote: > Hi Bookies, > > FIPS is 'Federal Information Processing Standard'. Basically it's a set of > guidelines for security functions such as encryption/decryption/RNG etc. > Applications running in FIPS mode are said to be more secure as they adhere > to more stringent standards. > Java's security framework is extensible via the JCE (Java crypto extension) > allows us to use libraries which implement these functions. > In general we use BouncyCastle as it has an active and supportive community > and also maintains the fips versions of their libraries. > > Pulsar currently has FIPS support but it's not on by default, I had a chat > with Jia about it and he mentioned that there is no specific reason as to > why we run without it. > I was wondering what the community thinks about keeping it on by default > for bookkeeper? > > Regards, > Anup >
