SP800-131a in Transition Mode
SP800-131a is implemented in 2 modes, transition vs. strict mode.
With SP800-131a Transition mode, the follow is recommended by is
not enforced by SecurePlus:
- FIPS mode must be enabled - DES and RC2 cipher algorithms are disabled.
- MD5 signature algorithms are disabled.
- RSA and DSA certificates with key length less than 1024-bits are disabled.
- Support for TLSV1.2 is enabled.
- TLSV1.3 is allowed. SSL, TLSV1.0 and TLSV1.1 are allowed but with the release of version 6.4, these protocols are no longer available for selection if they are disabled.
- Non-compliant TLS cipher suites are disabled.