nist-compliance
Use the nist-compliance stanza entry to enable or disable NIST SP800-131A compliance.
nist-compliance = {yes|no}
Description
Enable or disable NIST SP800-131A compliance.
Enabling NIST SP800-131A compliance results in the following automatic configuration:
- Enables FIPS mode processing. When NIST SP800-131A compliance is enabled, FIPS mode processing is enabled regardless of the setting for the fips-mode-processing configuration entry.
- Enables TLS v1.2.
  Notes:
  - When NIST SP800-131A compliance is enabled, TLS v1.2 is enabled regardless of the setting for the disable-tls-v12 configuration entry.
  - TLS v1 and TLS v1.1 are not disabled.
- Enables the appropriate signature algorithms.
- Sets the minimum RSA key size to 2048 bytes.
Options
yes
  A value of yes enables NIST SP800-131A compliance.
no
  A value of no disables NIST SP800-131A compliance.
Usage: Optional
Default: no
Example:
nist-compliance = no
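The following audit script is an added example, not part of the product or its documentation. It resolves the overrides described above and flags the TLS v1 and TLS v1.1 caveat. The stanza name and sample file are constructed, and the entry names disable-tls-v1 and disable-tls-v11 are assumed by analogy with disable-tls-v12.

```python
import re

# Constructed sample configuration, not taken from a real deployment.
SAMPLE_CONF = """\
# constructed example
[example-stanza]
nist-compliance = yes
fips-mode-processing = no
disable-tls-v12 = yes
disable-tls-v11 = yes
"""

ENTRY = re.compile(r"^\s*([A-Za-z0-9_-]+)\s*=\s*(.*?)\s*$")

def parse_entries(text):
    """Collect key = value entries, skipping comments and [stanza] headers."""
    entries = {}
    for line in text.splitlines():
        stripped = line.strip()
        if not stripped or stripped.startswith("#") or stripped.startswith("["):
            continue
        m = ENTRY.match(line)
        if m:
            entries[m.group(1)] = m.group(2).lower()
    return entries

def audit(text):
    """Return (effective settings, findings) for the NIST-related entries."""
    e = parse_entries(text)
    nist = e.get("nist-compliance", "no") == "yes"  # documented default: no
    effective = {"nist-compliance": nist}
    findings = []
    if not nist:
        findings.append("nist-compliance is not enabled")
        return effective, findings
    # Documented overrides: these two entries are ignored when compliance is on.
    effective["fips-mode"] = True
    effective["tls-v12"] = True
    if e.get("fips-mode-processing") == "no":
        findings.append("fips-mode-processing = no is overridden (FIPS mode is on)")
    if e.get("disable-tls-v12") == "yes":
        findings.append("disable-tls-v12 = yes is overridden (TLS v1.2 is on)")
    # Documented caveat: older TLS versions are not disabled automatically.
    # Entry names below are assumed by analogy with disable-tls-v12.
    for key, label in (("disable-tls-v1", "TLS v1"), ("disable-tls-v11", "TLS v1.1")):
        if e.get(key) != "yes":
            findings.append(f"{label} is not explicitly disabled ({key} is not yes)")
    return effective, findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_CONF)[1]:
        print(finding)
```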