SP800-131a in Transition Mode

SP800-131a is implemented in 2 modes, transition vs. strict mode. With SP800-131a Transition mode, the follow is recommended by is not enforced by SecurePlus:
  • FIPS mode must be enabled - DES and RC2 cipher algorithms are disabled.
  • MD5 signature algorithms are disabled.
  • RSA and DSA certificates with key length less than 1024-bits are disabled.
  • Support for TLSV1.2 is enabled.
  • TLSV1.3 is allowed. SSL, TLSV1.0 and TLSV1.1 are allowed but will be removed in a future release. SSL, TLSV1.0 and TLSV1.1 should be disabled.
  • Non-compliant TLS cipher suites are disabled.