Comparing certificates Experimental feature

You are comparing two certificates. By default, only differing attributes are shown. Use the button below to show/hide all attributes.

Showing only differing attributes.
Amazon Linux 2 NSS Cryptographic Module
Amazon Linux 2 NSS Cryptographic Module
cert_id 4565 3646
dgst 0969af623440c92e 283f3aceea5cb2cb
heuristics/algorithms HMAC#C803, Triple-DES#C803, DRBG#A3741, AES#A3741, CVL#A3741, AES#A3742, SHS#A3741, DSA#A3741, DSA#C803, HMAC#A3741, KTS#C804, Triple-DES#A3741, SHS#C803, AES#C803, AES#C804, ECDSA#C803, ECDSA#A3741, RSA#C803, CVL#C803, KTS#A3742, KTS#A3741, RSA#A3741, KTS#C803, DRBG#C803 HMAC#C803, AES#C803, AES#C804, Triple-DES#C803, DSA#C803, ECDSA#C803, RSA#C803, KTS#C803, KTS#C804, DRBG#C803, SHS#C803, CVL#C803
heuristics/module_processed_references/directly_referenced_by 4593 3652, 3709
heuristics/module_processed_references/indirectly_referenced_by 4593 3652, 3709
heuristics/policy_processed_references/directly_referenced_by 4593 3652, 3709
heuristics/policy_processed_references/indirectly_referenced_by 4593 2606, 2605, 3566, 3652, 3709, 2958
pdf_data/keywords/eval_facility
  • atsec:
    • atsec: 46
  • atsec:
    • atsec: 44
pdf_data/keywords/symmetric_crypto
  • AES_competition:
    • AES:
      • AES: 24
      • AES-256: 1
    • RC:
      • RC2: 2
      • RC4: 2
      • RC5: 1
  • DES:
    • 3DES:
      • TDEA: 1
      • Triple-DES: 15
    • DES:
      • DES: 5
  • constructions:
    • MAC:
      • HMAC: 29
      • HMAC-SHA-224: 1
      • HMAC-SHA-256: 1
      • HMAC-SHA-384: 1
      • HMAC-SHA-512: 1
  • miscellaneous:
    • Camellia:
      • Camellia: 2
    • GOST:
      • GOST 28147-89: 1
    • SEED:
      • SEED: 1
  • AES_competition:
    • AES:
      • AES: 25
      • AES-256: 1
    • RC:
      • RC2: 2
      • RC4: 2
      • RC5: 1
  • DES:
    • 3DES:
      • TDEA: 1
      • Triple-DES: 16
    • DES:
      • DES: 5
  • constructions:
    • MAC:
      • HMAC: 30
      • HMAC-SHA-224: 1
      • HMAC-SHA-256: 1
      • HMAC-SHA-384: 1
      • HMAC-SHA-512: 1
  • miscellaneous:
    • Camellia:
      • Camellia: 2
    • GOST:
      • GOST 28147-89: 1
    • SEED:
      • SEED: 1
pdf_data/keywords/asymmetric_crypto
  • ECC:
    • ECDH:
      • ECDH: 2
    • ECDSA:
      • ECDSA: 11
  • FF:
    • DH:
      • DH: 2
      • DHE: 1
      • Diffie-Hellman: 6
    • DSA:
      • DSA: 19
  • ECC:
    • ECC:
      • ECC: 2
    • ECDH:
      • ECDH: 1
    • ECDSA:
      • ECDSA: 12
  • FF:
    • DH:
      • DH: 1
      • DHE: 1
      • Diffie-Hellman: 19
    • DSA:
      • DSA: 20
pdf_data/keywords/crypto_protocol
  • IKE:
    • IKE: 1
  • TLS:
    • DTLS:
      • DTLS: 2
    • TLS:
      • TLS: 39
      • TLS v1.2: 1
  • IKE:
    • IKE: 1
  • TLS:
    • DTLS:
      • DTLS: 2
    • TLS:
      • TLS: 44
      • TLS v1.2: 1
pdf_data/keywords/randomness
  • PRNG:
    • DRBG: 32
  • RNG:
    • RNG: 1
  • PRNG:
    • DRBG: 34
  • RNG:
    • RNG: 1
pdf_data/keywords/ecc_curve
  • NIST:
    • P-256: 12
    • P-384: 10
    • P-521: 10
  • NIST:
    • P-256: 16
    • P-384: 14
    • P-521: 14
pdf_data/keywords/crypto_library
  • NSS:
    • NSS: 53
  • NSS:
    • NSS: 52
pdf_data/keywords/standard_id
  • FIPS:
    • FIPS 140: 2
    • FIPS 140-2: 60
    • FIPS 186-4: 5
    • FIPS PUB 140-2: 1
    • FIPS140-2: 1
    • FIPS180-4: 2
    • FIPS186-2: 1
    • FIPS186-4: 4
    • FIPS197: 3
    • FIPS198-1: 2
  • NIST:
    • NIST SP 800-90A: 1
    • SP 800-90A: 1
  • PKCS:
    • PKCS #11: 1
    • PKCS #12: 1
    • PKCS #5: 1
    • PKCS #7: 1
    • PKCS#1: 1
    • PKCS#11: 2
  • RFC:
    • RFC3711: 1
    • RFC4347: 1
    • RFC4357: 1
    • RFC5246: 1
    • RFC5288: 1
    • RFC5764: 1
  • X509:
    • X.509: 1
  • FIPS:
    • FIPS 140: 2
    • FIPS 140-2: 59
    • FIPS 186-4: 7
    • FIPS PUB 140-2: 1
    • FIPS140-2: 1
    • FIPS180-4: 2
    • FIPS186-2: 1
    • FIPS186-4: 5
    • FIPS197: 3
    • FIPS198-1: 2
  • NIST:
    • NIST SP 800-135: 1
    • NIST SP 800-90A: 1
  • PKCS:
    • PKCS #11: 1
    • PKCS #12: 1
    • PKCS #5: 1
    • PKCS #7: 1
    • PKCS#1: 1
    • PKCS#11: 2
  • RFC:
    • RFC3711: 1
    • RFC4347: 1
    • RFC4357: 1
    • RFC5246: 1
    • RFC5288: 1
    • RFC5764: 1
  • X509:
    • X.509: 1
pdf_data/policy_metadata
state/policy_pdf_hash Different Different
state/policy_txt_hash Different Different
web_data/certificate_pdf_url https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/August 2023_010923_0844.pdf https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/April 2020_010520_0717.pdf
web_data/date_sunset 19.04.2025
web_data/historical_reason SP 800-56Arev3 transition - replaced by certificate #4565
web_data/status active historical
web_data/tested_conf Amazon Linux 2 running on Amazon EC2 c6g.metal with Graviton 2 with PAA, Amazon Linux 2 running on Amazon EC2 c6g.metal with Graviton 2 without PAA (single-user mode), Amazon Linux 2 running on Amazon EC2 i3.metal with Intel Xeon E5 with PAA, Amazon Linux 2 running on Amazon EC2 i3.metal with Intel Xeon E5 without PAA Amazon Linux 2 running on Amazon EC2 i3.metal with Intel Xeon E5 with PAA, Amazon Linux 2 running on Amazon EC2 i3.metal with Intel Xeon E5 without PAA (single-user mode), ,
web_data/validation_history
  • date: 30.08.2023
  • lab: ATSEC INFORMATION SECURITY CORP
  • validation_type: Initial
  • date: 20.04.2020
  • lab: ATSEC INFORMATION SECURITY CORP
  • validation_type: Initial