Since configuring my dev machine (Vista Ultimate) to allow RDP connections only via SSL and FIPS, I'm encountering the following error with the Sourcegear Vault error when trying to connect to the server:
This implementation is not part of the Windows Platform FIPS validated
cryptographic algorithms.
Instructions for how I configured my machine can be seen here: http://articles.techrepublic.com.com/51 ... 66676.html, the most pertinent to this issue is that I've configured my machine to only use FIPS compliant algorithms for encrypting, hashing, and signing.
I really don't want to have to remove my ability to securely remote into my dev machine when I'm offsite, so are there any solutions you can suggest other than regularly switching settings back and forth? We're using Vault version 3.5.3 (5169).
This implementation is not part of the Windows Platform FIPS
Moderator: SourceGear
-
ovalsquare
- Posts: 4
- Joined: Wed Apr 26, 2006 3:10 pm
Vault uses MD5 for authentication and MD5 is not FIPS compliant so Vault authentication will not work if FIPS enforcement is enabled.
I can log a feature request to use a FIPS compliant algorithm for authentication, but right now Vault will not work with that option enabled.
I can log a feature request to use a FIPS compliant algorithm for authentication, but right now Vault will not work with that option enabled.
Mary Jo Skrobul
SourceGear
SourceGear
-
ovalsquare
- Posts: 4
- Joined: Wed Apr 26, 2006 3:10 pm
Thanks for the very prompt reply. That would be a good feature request, but I guess I'll just have to switch my group policy back and forth as required for now.
I can imagine that this will become a bigger issue as time goes on as Network Admins switch to requiring FIPS. Fortunately for me, I am not part of a larger group policy so can change as necessary.
I can imagine that this will become a bigger issue as time goes on as Network Admins switch to requiring FIPS. Fortunately for me, I am not part of a larger group policy so can change as necessary.
-
kgovert007
- Posts: 8
- Joined: Mon Apr 07, 2008 12:31 pm
FIPS compliance
I would like to add my fote for FIPS compliance. I think larger projects are going towards this paradigm, and our is one of them. I can probably skate around it for now, but we really need this to eventually be in place.
Thanks.
Thanks.
-
colinrobinson
- Posts: 5
- Joined: Tue Feb 22, 2011 10:09 am
Re: This implementation is not part of the Windows Platform
Has there been any progress on implementing Fips Compliance with Vault.
UK Government projects are implementing this as a requirement on their subcontractors and i imagine there are a lot of them, the requirement will also apply to Local Government and their internal developers.
So momentum is there already.
UK Government projects are implementing this as a requirement on their subcontractors and i imagine there are a lot of them, the requirement will also apply to Local Government and their internal developers.
So momentum is there already.
Re: This implementation is not part of the Windows Platform
We know this is an important issue for our users and we are evaluating this for Vault 6.0.
Linda Bauer
SourceGear
Technical Support Manager
SourceGear
Technical Support Manager