Uploaded image for project: 'Apache Ozone'
  1. Apache Ozone
  2. HDDS-10234

Regulatory compliance for used cryptography

    XMLWordPrintableJSON

Details

    • Epic
    • Status: Open
    • Major
    • Resolution: Unresolved
    • None
    • None
    • None
    • crypto-compliance

    Description

      In various jurisdictions there are some restrictions on using different cryptographic functions, algorithms, cyphers etc.

      There is an international standard issued by ISO under ISO/IEC 19790.

      In the US, FIPS 140-3 is based off of the ISO standard, hence it is an easy starting point also considering the fact that most of the legislation probably moves towards the standard rather than creating a new one.
      In China, there is the "China Cryptograhy law" that also contains different rules for different security levels.
      In the EU the legislators are still debating about how to apply rules in order to protect privacy, but fight crime effectively (esp. child abuse).
      Probably there are many more around the world.

      This JIRA is about having an umbrella for crypto and security compliance related changes.

      Attachments

        Issue Links

          Activity

            People

              pifta István Fajth
              pifta István Fajth
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

                Created:
                Updated: