CA ITCM can operate in one of the following modes:
In FIPS-preferred mode, CA ITCM prefers to use FIPS 140-2 approved security functions; however, when it communicates with legacy CA ITCM components it uses legacy security functions. In this mode, the embedded cryptographic modules are not operated in FIPS 140-2 accredited modes as they require the use of non-approved security functions, such as MD5. When operating in FIPS-preferred mode CA ITCM can communicate and interoperate with the previous releases of CA ITCM.
In FIPS-only mode, CA ITCM uses only FIPS 140-2 approved security functions. There is some non-cryptographic use of non-approved security functions, as detailed in the sections below, but these are not provided by any embedded cryptographic module when in a FIPS 140-2 approved mode of operation. In this mode, CA ITCM can only interoperate with the components that are FIPS-compliant, either in FIPS-preferred or FIPS-only mode.
Note: This appendix focuses on the cryptographic use when CA ITCM is operating in FIPS-only mode.
|
Copyright © 2013 CA.
All rights reserved.
|
|