| intCertNum |
1492 |
| strVendorName |
IBM Corporation |
| strURL |
http://www.ibm.com |
| strAddress1 |
2455 South Road |
| strAddress2 |
|
| strAddress3 |
|
| strCity |
Poughkeepsie |
| strStateProv |
NY |
| strPostalCode |
12601 |
| strCountry |
12601 |
| strContact |
William F Penny |
| strEmail |
wpenny@us.ibm.com |
| strPhone |
845-435-3010 |
| strFax |
|
| strContact2 |
|
| strEmail2 |
|
| strFax2 |
|
| strPhone2 |
|
| intCertNum |
1492 |
| strModuleName |
IBM z/OS Version 1 Release 11 System SSL Cryptographic Module |
| strPartNumber |
Hardware Versions: FC3863 w/System Driver Level 77 and optional CEX3A and CEX3C [CEX3A and CEX3C are separately configured versions of 4765-001 (P/N 45D6048)];
Firmware Version: 4765-001 (e1ced7a0);
Software Versions: System SSL level HCPT3B0/JCPT3B1 with APAR OA31595, RACF level HRF7760 with APAR OA30951 and ICSF level HCR7770 with APAR OA32012 |
| memModuleNotes |
When operated in FIPS mode |
| str140Version |
140-2 |
| _sp_ |
Security Policy [pdf][html][txt] |
| _cert_ |
Certificate [pdf] |
| strPURL |
|
| strModuleType |
Software-Hybrid |
| strValidationDate |
02/04/2011;04/12/2011 |
| intOverallLevel |
1 |
| memIndividualLevelNotes |
-Cryptographic Module Specification: Level 3;;-Operational Environment: Tested as meeting Level 1 with IBM System z10(TM) Enterprise Class (z10 EC) with CP Assist for Cryptographic Functions DES/TDES Enablement Feature 3863 [Base GPC, optional Crypto Express3 Card (Coprocessor (CEX3C)); Crypto Express3 Card (Accelerator (CEX3A)) and Crypto Express3 Cards (Coprocessor (CEX3C) and Accelerator (CEX3A))] [IBM System z10(TM) Enterprise Class (z10 EC) with CP Assist for Cryptographic Functions DES/TDES Enablement Feature 3863 includes FC3863 w/System Driver Level 77 and z/OS V1R11] (single-user mode) |
| strFIPSAlgorithms |
AES (Certs. #976, #1418 and #1419);
Triple-DES (Certs. #769, #968 and #969);
DSA (Certs. #458 and #459);
RSA (Certs. #691, #692, #693, #694 and #695);
SHS (Certs. #946, #1286 and #1287);
HMAC (Certs. #836 and #837);
RNG (Certs. #775 and #776) |
| strOtherAlgorithms |
Diffie-Hellman (key agreement: key establishment methodology provides 112 bits of encryption strength);
RSA (key wrapping;
key establishment methodology provides between 112 and 150 bits of encryption strength;
non-compliant less than 112 bits of encryption strength);
DES;
RC2;
ArcFour;
MD5;
MD2 |
| strConfiguration |
Multi-chip standalone |
| memModuleDescription |
System SSL is a set of generic services provided in z/OS to protect TCP/IP communications using the SSL/TLS protocol. System SSL is exploited by many SSL enabled servers and clients in z/OS to meet the transport security constraints required in an On Demand environment. The System SSL APIs are also externalized to customer applications. System SSL has evolved through the latest releases of z/OS to support the new TLS (Transaction Layer Security) standard, to reach an unmatched level of performance and to extend the APIs available to applications to new functions. |
| intModuleCount |
1 |
| memAdditionalNotes |
04/12/11: Updated HW and OE to indicate optional components for same functionality. |
| strFirstValidtionDate |
02/04/11 00:00:00 |
| strLabName |
atsec |
| strValidationYear |
2011 |