[Cryptography] FIPS, NIST and ITAR questions

radix42 at gmail.com radix42 at gmail.com
Tue Sep 3 04:12:25 EDT 2013

Ok, skip this one if you aren't an active crypto library maintainer. I'm updating a hash library from FIPS 180-2 to 180-4 compliance and this list is the place I know where somebody might know the answers to all the following questions without my spending days tracking down the answers.

Please take out the cluebats if there is a centralized resource I've missed.

1) Is there a NIST announce type list so I don't miss an entire standards update cycle or two again? That doesn't cover all the nitty gritty goings on during the journey to publication for FIPS updates?

2) Is anyone aware of ITAR changes for SHA hashes in recent years that require more than the requisite notification email to NSA for download URL and authorship information? Figuring this one out last time around took looootttttttssssss of reading.

Implementation updates look to be quick, its any paperwork changes that might be a pain.


David Mercer

David Mercer
Portland, OR

More information about the cryptography mailing list