Home All Groups Group Topic Archive Search About

.NET 3.0 Workflow tracking service encryption

microsoft.public.dotnet.framework
Author
6 Oct 2006 5:19 PM
theWizK
The workflow tracking service appears to be using the
MD5CryptoServiceProvider when hashing.  This generates an exception on a
FIPS-enabled machine as this algorithm is not FIPS-compliant.  Is the
algorithm selection configurable, or are there plans to modify this service
to use a FIPS-compliant algorithm?  Thanks.

Author
6 Oct 2006 5:38 PM
Cowboy (Gregory A. Beamer)
I would consider going to connect.microsoft.com and joining the .NET 3.0
connection. You can then post your bug/suggestion where the group coding
..NET 3.0 are likely to have it pop up on their radar.

Out of curiousity (ignorance), what does FIPS have to do with this?

--
Gregory A. Beamer
MVP; MCP: +I, SE, SD, DBA
http://gregorybeamer.spaces.live.com

*************************************************
Think outside of the box!
*************************************************
Show quote
"theWizK" <theW***@discussions.microsoft.com> wrote in message
news:91BAF6E9-F696-4816-B4D5-0995D35C7FE4@microsoft.com...
> The workflow tracking service appears to be using the
> MD5CryptoServiceProvider when hashing.  This generates an exception on a
> FIPS-enabled machine as this algorithm is not FIPS-compliant.  Is the
> algorithm selection configurable, or are there plans to modify this
> service
> to use a FIPS-compliant algorithm?  Thanks.
Author
6 Oct 2006 6:27 PM
Carl Daniel [VC++ MVP]
"Cowboy (Gregory A. Beamer)" <NoSpamMgbworld@comcast.netNoSpamM> wrote in
message news:eY$ps4W6GHA.2288@TK2MSFTNGP05.phx.gbl...
>I would consider going to connect.microsoft.com and joining the .NET 3.0
>connection. You can then post your bug/suggestion where the group coding
>.NET 3.0 are likely to have it pop up on their radar.
>
> Out of curiousity (ignorance), what does FIPS have to do with this?

FIPS - Federal Information Processing Standard.

Certain applications (e.g. those used by any department of the Federal Govt)
may be required to only use FIPS-approved crypto.  There's a Windows setting
to disable all non-FIPs-approved crypto, including MD5.

-cd

AddThis Social Bookmark Button

Post Other interesting topics
Why convert a VB6 desktop ap to Dot Net?
[Net 2.0] question about background worker and thread synchronization
Dynamically changing a url in a repeater control
Multiple Assembly Version Maintenance
Async Socket IO Question