|
||||||||||||||||||||||||||||||||||
 |
||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
FIPS ComplianceOne of our members was contacted by a customer who cannot access their site from a federal government network and/or gov't owned PC due to a mandate for FIPS compliance (in this case, ciphers supported by the website). Based on some ad-hoc checking, this would appear to be an issue applicable to other FI's, as well as vendor sites. Has anyone heard of this issue? Is anyone aware of the federal government more aggressively rolling out FIPS compliance mandate on sites accessed from government networks or government owned PCs? This appears to be about the cipher range being supported by the site, supporting cipher strengths lower than FIPS 2.0 mandates. The FIPS compliance setting elevates the cipher strength requirement, and the same behavior with other peer bank sites being blocked has been observed when you specify that compliance level in the browser. Login to view the answers posted to this question »
|
