I've tried to enable FIPS in KM 1.6.0b2.
The first thing I did was a little research. I found Configuring Firefox for FIPS 140-2
which is an old page, but FF doesn't say how old.
So I followed instructions, gave myself a master password, disabled SSL3 (Privacy & Security>Encryption>>Encrypted Transmission), then Privacy & Security>Encryption>>Protected Storage>Manage Crypto Devices. In Device Manager, select NSS Internal PKCS #11 Module
and click "Enable FIPS". Nothing much happened. Actually, nothing happened.
Perservering, open "about:config", and make sure as many of the settings in "ssl" filter as I can find are set according to the FF site, almost all by switching them off
. Essentially, disable SSL3 and unset a number of cyphers.
However, I still see no indication that FIPS has in fact been enabled: going by the FF guide, I should see that in the Device Manager.
So, does KM 1.6.0b2 support FIPS 140-2? Or do we have a bug?
Allied to this is a question about the security padlock at lower left corner.
On a secure website, I expect to see this with an orange/amber URL bar
But on Secure Wikipedia (https
:\\en...) I see a red URL bar with a broken padlock
. BTW, Secure Wikipedia has always done this.
Am I reading the padlocks correctly?
Gigabyte H61M-USB3-B3 r2.0, I5-2400 3.10GHz, 4GB RAM; W7HPx64 SP1, Lotus SmartSuite 9.8, K-Meleon 76RC, Pale Moon 26.4.1, IE11, Clyton email 17.0, Foxit Reader 126.96.36.1996, PaintShop Pro 6.02, SuRun 188.8.131.52, VoodooShield 14.8
Television is the first truly democratic culture -- the first culture available to everyone and entirely governed by what the people want. The most terrifying thing is what people do want. [Clive Barnes, 1969]
Edited 1 time(s). Last edit at 09/25/2011 02:01PM by gordon451.