This site displays a prototype of a “Web 2.0” version of the daily Federal Register. It is not an official legal edition of the Federal Register, and does not replace the official print version or the official electronic version on GPO’s govinfo.gov.
The documents posted on this site are XML renditions of published Federal Register documents. Each document posted on the site includes a link to the corresponding official PDF file on govinfo.gov. This prototype edition of the daily Federal Register on FederalRegister.gov will remain an unofficial informational resource until the Administrative Committee of the Federal Register (ACFR) issues a regulation granting it official legal status. For complete information about, and access to, our official publications and services, go to About the Federal Register on NARA's archives.gov.
The OFR/GPO partnership is committed to presenting accurate and reliable regulatory information on FederalRegister.gov with the objective of establishing the XML-based Federal Register as an ACFR-sanctioned publication in the future. While every effort has been made to ensure that the material on FederalRegister.gov is accurately displayed, consistent with the official SGML-based PDF version on govinfo.gov, those relying on it for legal research should verify their results against an official edition of the Federal Register. Until the ACFR grants it official status, the XML rendition of the daily Federal Register on FederalRegister.gov does not provide legal notice to the public or judicial notice to the courts.
National Institute of Standards and Technology (NIST), Commerce.
The Secretary of Commerce approves FIPS 140-2, Security Requirements for Cryptographic Modules, which supersedes FIPS Standard 140-1, and makes it compulsory and binding on Federal agencies for the protection of sensitive, unclassified information, FIPS 140-1, which was first published in 1994, specified that it would be reviewed within five years. FIPS 140-2 is the result of the review and replaces FIPS 140-1.
This standard is effective November 25, 2001.Start Further Info
FOR FURTHER INFORMATION CONTACT:
Mr. Ray Snouffer, (301) 975-4436, National Institute of Standards and Technology, 100 Bureau Drive, STOP 8930, Gaithersburg, MD 20899-8930.
A copy of FIPS 140-2 is available electronically from the NIST website at:End Further Info End Preamble Start Supplemental Information
FIPS 140-1, Security Requirements for Cryptographic Modules, first issued in 1994, identified requirements for four security levels for cryptographic modules to provide for a wide spectrum of data sensitivity (e.g., low value administrative data, million dollar funds transfers, and life protecting data), and a diversity of application environments. Over 140 modules have been tested by accredited private-sector laboratories and validated to-date as conforming to this standard. The standard provided that it be reviewed within five years to consider its continued usefulness and to determine whether new or revised requirements should be added.Start Printed Page 34155
A notice was published in the Federal Register (63 FR 56910) on October 23, 1998, soliciting public comments on reaffirming FIPS 140-1. The comments supported reaffirming FIPS 140-1 with technical modifications to address advances in technology since FIPS 140-1 was issued. A notice was published in the Federal Register (64 FR 62654) on November 17, 1999, soliciting public comments on proposed FIPS 140-2, a revision of FIPS 140-1 making such technical modifications. The comments received (available at http://csrc.nist.gov/cryptval/) supported the issuance of proposed FIPS 140-2 with technical and editorial changes. None of them opposed the proposed revision of FIPS 140-1.
The Secretary of Commerce, after making appropriate revisions to proposed FIPS 140-2, approves it, and makes it compulsory and binding on Federal agencies for the protection of sensitive, unclassified information.
E.O. 12866: This notice has been determined to be significant for the purposes of E.O. 12866.Start Signature
Dated: June 21, 2001.
Karen H. Brown,
Acting Director, NIST.
[FR Doc. 01-16186 Filed 6-26-01; 8:45 am]
BILLING CODE 3510-CN-M