{"id":3480,"date":"2021-03-02T17:37:00","date_gmt":"2021-03-02T16:37:00","guid":{"rendered":"https:\/\/webdev.atsec.us\/?p=3480"},"modified":"2024-08-19T21:29:47","modified_gmt":"2024-08-19T19:29:47","slug":"the-impact-of-tls-1-3-and-acvts-on-fips-certification-testing","status":"publish","type":"post","link":"https:\/\/webdev.atsec.us\/the-impact-of-tls-1-3-and-acvts-on-fips-certification-testing\/","title":{"rendered":"The Impact of TLS 1.3 and ACVTS on FIPS Certification Testing"},"content":{"rendered":"\n
by Marcos Portnoi, Stephan Mueller, and Viktoria Meyerhoff<\/font><\/p>\n\n\n\n In 2018, the Internet Engineering Task Force (IETF<\/a>) published RFC 8446<\/a>, \u201cTransport Layer Security (TLS) Protocol Version 1.3\u201d, a new standard for the latest version of TLS. TLS is the successor of SSL (Secure Sockets Layer), which was developed by Netscape in 1995. In 2020, the Cryptographic Module Validation Program (CMVP<\/a>) updated the algorithm testing process from the Cryptographic Algorithm Validation System (CAVS<\/a>) to the Automated Cryptographic Validation Testing System (ACVTS<\/a>). Companies pursuing certifications may wonder how TLS 1.3 and ACVTS affect the algorithm testing requirements needed for FIPS certification.<\/p>\n\n\n\n