IBM Support

IBM Rational ClearQuest's support for NIST SP 800-131A guidelines

Question & Answer


What support does Rational ClearQuest provide for organizations wishing to comply with NIST SP 800-131A guidelines?


US. Government organizations might be required to support NIST SP 800-131A guidelines These guidelines place certain restrictions on the types of cryptographic algorithms that are used in application deployments.


If your organization must comply with NIST SP 800-131A guidelines, the following ClearQuest deployment configurations can help with compliance.

The following information can help you determine whether your ClearQuest deployment conforms to the NIST SP 800-131A guidelines:
  • ClearQuest cryptographic keys adhere to a minimum key strength of 112 bits for FIPS 140-2 conforming deployments.
  • ClearQuest does not provide digital signature capability as defined by the guidelines. Use of the ClearQuest eSignature package does not conform to the guidelines of a digital signature since it is not using digital certificates. The eSignature package should not be applied.
  • ClearQuest uses an approved Java random number generator.

[{"Product":{"code":"SSSH5A","label":"Rational ClearQuest"},"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Component":"Web Server (7.1)","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF016","label":"Linux"},{"code":"PF027","label":"Solaris"},{"code":"PF033","label":"Windows"}],"Version":"","Edition":"","Line of Business":{"code":"LOB45","label":"Automation"}}]

Document Information

Modified date:
16 June 2018