| intCertNum |
1600 |
| strVendorName |
IBM Corporation |
| strURL |
http://www.IBM.com |
| strAddress1 |
2455 South Road |
| strAddress2 |
|
| strAddress3 |
|
| strCity |
Poughkeepsie |
| strStateProv |
NY |
| strPostalCode |
12601 |
| strCountry |
12601 |
| strContact |
William F Penny |
| strEmail |
wpenny@us.ibm.com |
| strPhone |
845-435-3010 |
| strFax |
|
| strContact2 |
|
| strEmail2 |
|
| strFax2 |
|
| strPhone2 |
|
| intCertNum |
1600 |
| strModuleName |
IBM z/OS Version 1 Release 12 System SSL Cryptographic Module |
| strPartNumber |
Hardware Versions: FC3863 w/System Driver Level 86E, and optional CEX3A and CEX3C [CEX3A and CEX3C are separately configured versions of 4765-001 (P/N 45D6048)];
Firmware Version: 4765-001 (e1ced7a0);
Software Versions: System SSL level HCPT3C0/JCPT3C1 w/ APAR OA34156, RACF level HRF7770 and ICSF level HCR7770 w/ APAR OA34205 |
| memModuleNotes |
When operated in FIPS mode |
| str140Version |
140-2 |
| _sp_ |
Security Policy [pdf][html][txt] |
| _cert_ |
Certificate [pdf] |
| strPURL |
|
| strModuleType |
Software-Hybrid |
| strValidationDate |
09/08/2011 |
| intOverallLevel |
1 |
| memIndividualLevelNotes |
-Cryptographic Module Specification: Level 3;;;-Operational Environment: Tested as meeting Level 1 with IBM zEnterprise (TM) 196 (z196) with CP Assist for Cryptographic Functions DES/TDES Enablement Feature 3863 [Base GPC, and optional Crypto Express3 Card (Coprocessor (CEX3C)); Crypto Express3 Card (Accelerator (CEX3A)) and Crypto Express3 Cards (Coprocessor (CEX3C) and Accelerator (CEX3A))] [IBM zEnterprise (TM) (z196) with CP Assist for Cryptographic Functions DES/TDES Enablement Feature 3863 includes FC3863 w/System Driver Level 86E and z/OS V1R12] (single-user mode) |
| strFIPSAlgorithms |
AES (Certs. #1702, #1703 and #1713);
Triple-DES (Certs. #1093, #1094 and #1103);
DSA (Certs. #526 and #527);
RSA (Certs. #831, #832, #844, #845 and #846);
SHS (Certs. #1485, #1486 and #1497);
HMAC (Certs. #986 and #987);
RNG (Certs. #901 and #902) |
| strOtherAlgorithms |
Diffie-Hellman (key agreement: key establishment methodology provides 112 bits of encryption strength);
RSA (key wrapping;
key establishment methodology provides between 112 and 150 bits of encryption strength;
non-compliant less than 112 bits of encryption strength);
DES;
RC2;
ArcFour;
MD5;
MD2;
ECDSA (non-compliant) |
| strConfiguration |
Multi-chip standalone |
| memModuleDescription |
System SSL is a set of generic services provided in z/OS to protect TCP/IP communications using the SSL/TLS protocol. System SSL is exploited by many SSL enabled servers and clients in z/OS to meet the transport security constraints required in an On Demand environment. The System SSL APIs are also externalized to customer applications. System SSL has evolved through the latest releases of z/OS to support the new TLS (Transaction Layer Security) standard, to reach an unmatched level of performance and to extend the APIs available to applications to new functions. |
| intModuleCount |
1 |
| memAdditionalNotes |
|
| strFirstValidtionDate |
09/08/11 00:00:00 |
| strLabName |
atsec |
| strValidationYear |
2011 |