| intCertNum |
1389 |
| strVendorName |
IBM Corporation |
| strURL |
http://www.IBM.com |
| strAddress1 |
2455 South Road |
| strAddress2 |
|
| strAddress3 |
|
| strCity |
Poughkeepsie |
| strStateProv |
NY |
| strPostalCode |
12601 |
| strCountry |
12601 |
| strContact |
William F Penny |
| strEmail |
wpenny@us.ibm.com |
| strPhone |
845-435-3010 |
| strFax |
|
| strContact2 |
|
| strEmail2 |
|
| strFax2 |
|
| strPhone2 |
|
| intCertNum |
1389 |
| strModuleName |
IBM z/OS Version 1 Release 10 System SSL Cryptographic Module |
| strPartNumber |
Hardware Versions: FC3863 w/System Driver Level 76, CEX2A and CEX2C [CEX2A and CEX2C are separately configured versions of 4764-001 (P/Ns 12R6536, 12R8241, 12R8561 or 41U0438)];
Firmware Version: 4764-001(2096a16d) or 4764-001(c16f4102);
Software Versions: APAR OA26457 and APAR OA26109 |
| memModuleNotes |
When operated in FIPS mode |
| str140Version |
140-2 |
| _sp_ |
Security Policy [pdf][html][txt] |
| _cert_ |
Certificate [pdf][txt] |
| strPURL |
|
| strModuleType |
Software-Hybrid |
| strValidationDate |
08/12/2010 |
| intOverallLevel |
1 |
| memIndividualLevelNotes |
-Cryptographic Module Specification: Level 3;-Tested as meeting Level 1 with IBM System z10 Enterprise Class (z10 EC) with CP Assist for Cryptographic Functions DES/TDES Enablement Feature 3863 [Base GPC, Crypto Express2 Card (Coprocessor (CEX2C)); Crypto Express2 Card (Accelerator (CEX2A)) and Crypto Express2 Cards (Coprocessor (CEX2C) and Accelerator (CEX2A))] [IBM System z10 Enterprise Class (z10 EC) with CP Assist for Cryptographic Functions DES/TDES Enablement Feature 3863 includes FC3863 w/System Driver Level 76 and z/OS V1R10] (single-user mode) |
| strFIPSAlgorithms |
AES (Certs. #976, #1106, and #1107);
Triple-DES (Certs. #769, #804, and #805);
DSA (Certs. #355 and #356);
RSA (Certs. #517, #518, #519, #520, and #521);
SHS (Certs. #946, #1029, and #1030);
HMAC (Certs. #618 and #619);
RNG (Certs. #614 and #615) |
| strOtherAlgorithms |
Diffie-Hellman (key agreement: key establishment methodology provides 112 bits of encryption strength);
RSA (key wrapping;
key establishment methodology provides between 112 and 150 bits of encryption strength;
non-compliant less than 112 bits of encryption strength);
DES;
RC2;
ArcFour;
MD5;
MD2. |
| strConfiguration |
Multi-chip standalone |
| memModuleDescription |
System SSL is a set of generic services provided in z/OS to protect TCP/IP communications using the SSL/TLS protocol. System SSL is exploited by many SSL enabled servers and clients in z/OS to meet the transport security constraints required in an On Demand environment. The System SSL APIs are also externalized to customer applications. System SSL has evolved through the latest releases of z/OS to support the new TLS (Transaction Layer Security) standard, to reach an unmatched level of performance and to extend the APIs available to applications to new functions. |
| intModuleCount |
1 |
| memAdditionalNotes |
|
| strFirstValidtionDate |
08/12/10 00:00:00 |
| strLabName |
atsec |
| strValidationYear |
2010 |