IBM: TCP/IP for VM

ENABLEMENT OF FIPS 140-2 CRYPTOGRAPHIC VALIDATION

 
 STAT= CLOSED  UR1  FESN0461035-     CTID= EN0313 ISEV= 4
 SB18/06/13  RC18/10/12  CL18/11/05  PD           SEV= 4
                        PE=                       TYPE= I
 RCOMP= 5735FAL00    TCP/IP FOR Z/VM RREL= R640
 FCOMP= 5735FAL00    TCP/IP FOR Z/VM PFREL= F     TREL= T999
 ACTION=             SEC/INT=                     DUP/
 USPTF= UI59502      PDPTF=                       DUPS 0
 DW18/06/13  RT18/10/12  SC          FT          RE
 PT          UP          LP          PV          AP
 EN          FL          LC19/03/22  RU19/03/22  OT
 CT          FR          TD          TYPE OF SOLUTION=
 PROJECTED CLOSE CODE=        CUST INST LVL/SU=
 FAILING MODULE= ICSFLIB0     FAILING LVL/SU= 640
 SYSROUTE OF:          RET APAR=             PS=
 STATUS DETAIL= SHIPMENT        RELIEF AVAILABLE=
 COMP OPER ENV=  640  710
 
              N
 
        N
                                     TYPE OF SOLUTION=
 PROJECTED CLOSE CODE=        CUST INST LVL/SU=
 FAILING MODULE=              FAILING LVL/SU=
 SYSROUTE OF:          RET APAR=      N      PS=
 STATUS DETAIL=   N N N N N     RELIEF AVAILABLE=
 COMP OPER ENV=
 
 SYSRES=      SYSIN=      SYSOUT=      CPU=             RE-IPL=
 OPTYPE=                 SPECIAL ACTIVITY=          REGRESSION=
 PRE-SCREEN NO.=          RSCP= RS640
 ERROR DESCRIPTION:
 In order to comply with recent changes to FIPS 140-2
 Implementation Guidance, System SSL requires certain updates
 to bring them into alignment with certification standards.
 LOCAL FIX:
 
 PROBLEM SUMMARY:
 ****************************************************************
 * USERS AFFECTED: All users of z/VM TCP/IP and TLS Servers.    *
 ****************************************************************
 * PROBLEM DESCRIPTION:                                         *
 ****************************************************************
 * RECOMMENDATION: APPLY PTF                                    *
 ****************************************************************
 z/VM System SSL required modifications on start-up in FIPS 140-2
 operational mode in order to comply with 2018 NIST standards.
 These changes have been made.
 Details regarding the cryptographic module, as well as
 associated policy, will be available upon final validation of
 FIPS 140-2 compliance;
 the reports will be available via www.vm.ibm.com/security/ at
 that time.
 PROBLEM CONCLUSION:
 TEMPORARY FIX:
 COMMENTS:
 
 MODULES/MACROS:
 GSKCMS31 GSKC31   GSKC31F  GSKKYMAN GSKMSGA  GSKMSGS  GSKSSL
 GSKSUS31 GSKS31   GSKS31F  GSKTRACE ICSFLIB
 SRLS:
 NONE
 RTN CODES:
 APPLICABLE COMPONENT LEVEL/SU:
 R640 PSY UI59502 UP18/11/14 I      1000
 R710 PSY UI59503 UP18/11/14 P      1901
 CIRCUMVENTION:
 MESSAGE TO SUBMITTER: