This page was not yet optimized for use on mobile devices.

Comparing certificates Experimental feature

You are comparing two certificates. By default, only differing attributes are shown. Use the button below to show/hide all attributes.

Showing only differing attributes.

	DocuSign QSCD Appliance	DocuSign QSCD Appliance
cert_id	4441	4782
dgst	6346fc1b001a16dd	7d398da879174500
heuristics/algorithms	CVL#A5167, AES#A5168, KTS#A5168, SHS#A5168, AES#A5167, DRBG#A5167, HMAC#A5168, SHS#A5167, RSA#A5167, HMAC#A5167, RSA#A5168, PBKDF#A5168	ECDSA KeyGen (FIPS186-5)A4404, RSA SigGen (FIPS186-5)A4404, SHA2-256A4404, HMAC-SHA2-256A4404, AES-GCMA4404, PBKDFA4404, KAS-ECC-SSC Sp800-56Ar3A4404, HMAC DRBGA4400, HMAC-SHA2-512A4404, SHA2-384A4404, RSA KeyGen (FIPS186-5)A4400, RSA SigVer (FIPS186-5)A4400, ECDSA SigVer (FIPS186-5)A4404, TLS v1.2 KDF RFC7627A4404, SHA2-512A4404, HMAC-SHA2-384A4404, AES-CBCA4404, ECDSA SigGen (FIPS186-5)A4404
heuristics/cpe_matches	{}	{}
heuristics/direct_transitive_cves	{}	{}
heuristics/extracted_versions	1.1.0.10, 2.0.0.0	1.2.0.7, 2.0.0.0
heuristics/indirect_transitive_cves	{}	{}
heuristics/module_processed_references/directly_referenced_by	{}	{}
heuristics/module_processed_references/directly_referencing	{}	{}
heuristics/module_processed_references/indirectly_referenced_by	{}	{}
heuristics/module_processed_references/indirectly_referencing	{}	{}
heuristics/module_prunned_references	{}	{}
heuristics/policy_processed_references/directly_referenced_by	{}	{}
heuristics/policy_processed_references/directly_referencing	{}	{}
heuristics/policy_processed_references/indirectly_referenced_by	{}	{}
heuristics/policy_processed_references/indirectly_referencing	{}	{}
heuristics/policy_prunned_references	{}	{}
heuristics/related_cves	{}	{}
heuristics/verified_cpe_matches	{}	{}
pdf_data/keywords/fips_cert_id		Cert: #10: 4
pdf_data/keywords/fips_security_level	Level: Level 1: 2 Level 3: 2 level 3: 1	Level: Level 1: 2 Level 3: 3 level 3: 1
pdf_data/keywords/fips_certlike	Certlike: AES 128, 192: 1 AES 256: 4 AES-CBC 128, 256: 1 AES-CBC 256: 3 AES128: 2 AES192: 2 AES256: 2 DRBG4: 1 HMAC 128: 2 HMAC-256: 4 HMAC-SHA-256: 4 HMAC-SHA-256 256: 2 HMAC-SHA-512 256: 2 HMAC-SHA256: 16 HMAC-SHA384: 2 HMAC-SHA512: 2 PKCS#1: 6 RSA 2048: 6 RSA 3072: 2 RSA PKCS#1: 4 SHA-256: 9 SHA-384: 2 SHA-512: 3 SHA-512 2048: 4 SHA256: 2	Certlike: AES / 128, 192: 2 AES / 128, 256: 1 AES 128, 192: 1 AES 256: 2 AES-256: 8 AES-CBC 1: 4 AES-CBC 2: 1 AES-CBC 3: 10 AES-CBC 4: 1 AES-CBC 5: 2 AES-CBC 7: 7 AES128: 2 AES192: 2 AES256: 2 DRBG 1: 1 DRBG4: 1 HMAC- SHA-256: 6 HMAC-256: 2 HMAC-SHA-256: 28 HMAC-SHA-256 1: 8 HMAC-SHA-256 12: 2 HMAC-SHA-256 21: 6 HMAC-SHA-256 KAT 10: 2 HMAC-SHA-384: 8 HMAC-SHA-512: 8 PKCS#1: 30 RSA 2048: 7 RSA 3072: 2 RSA PKCS#1: 4 RSA-PKCS#1: 3 SHA-256: 14 SHA-384: 9 SHA-512: 7 SHA256: 2
pdf_data/keywords/vendor
pdf_data/keywords/eval_facility
pdf_data/keywords/symmetric_crypto	AES_competition: AES: AES: 13 AES128: 2 AES192: 2 AES256: 2 constructions: MAC: HMAC: 4 HMAC-SHA-256: 3 HMAC-SHA-512: 1	AES_competition: AES: AES: 14 AES-256: 8 AES128: 2 AES192: 2 AES256: 2 constructions: MAC: HMAC: 7 HMAC-SHA-256: 23 HMAC-SHA-384: 4 HMAC-SHA-512: 4
pdf_data/keywords/asymmetric_crypto	ECC: ECDH: ECDH: 1 FF: DH: Diffie-Hellman: 1 RSA: RSA 2048: 6 RSA 3072: 2	ECC: ECC: ECC: 1 ECDH: ECDH: 7 ECDHE: 1 ECDSA: ECDSA: 3 FF: DH: Diffie-Hellman: 1 RSA: RSA 2048: 7 RSA 3072: 2 RSA-PSS: 3
pdf_data/keywords/pq_crypto
pdf_data/keywords/hash_function	PBKDF: PBKDF: 2 SHA: SHA2: SHA-256: 9 SHA-384: 2 SHA-512: 7 SHA256: 2	PBKDF: PBKDF: 2 SHA: SHA2: SHA-256: 14 SHA-384: 9 SHA-512: 7 SHA2: 3 SHA256: 2
pdf_data/keywords/crypto_scheme	MAC: MAC: 1	KEX: Key exchange: 1 MAC: MAC: 1
pdf_data/keywords/crypto_protocol	TLS: TLS: TLS: 31 TLS 1.2: 2	TLS: TLS: TLS: 42 TLS 1.2: 4
pdf_data/keywords/randomness	PRNG: DRBG: 8 RNG: RNG: 8	PRNG: DRBG: 14 RNG: RNG: 8
pdf_data/keywords/cipher_mode	CBC: CBC: 5 ECB: ECB: 1 GCM: GCM: 1	CBC: CBC: 5 ECB: ECB: 1 GCM: GCM: 2
pdf_data/keywords/ecc_curve	NIST: P-256: 4 P-384: 4 P-521: 4	NIST: P-256: 14 P-384: 14 P-521: 14
pdf_data/keywords/crypto_engine
pdf_data/keywords/tls_cipher_suite	TLS: TLS_RSA_WITH_AES_128_CBC_SHA256: 2 TLS_RSA_WITH_AES_256_CBC_SHA256: 2 TLS_RSA_WITH_AES_CBC_128_SHA256: 1 TLS_RSA_WITH_AES_CBC_256_SHA256: 1	TLS: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256: 3 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384: 3
pdf_data/keywords/crypto_library	OpenSSL: OpenSSL: 2	OpenSSL: OpenSSL: 2
pdf_data/keywords/vulnerability
pdf_data/keywords/side_channel_analysis	FI: physical tampering: 1	FI: malfunction: 1 physical tampering: 3
pdf_data/keywords/device_model
pdf_data/keywords/tee_name		AMD: PSP: 1
pdf_data/keywords/os_name
pdf_data/keywords/cplc_data
pdf_data/keywords/ic_data_group
pdf_data/keywords/standard_id	FIPS: FIPS 140-2: 19 FIPS 180-4: 2 FIPS 186-4: 2 FIPS 197: 3 FIPS 198-1: 2 NIST: NIST SP 800-90A: 3 NIST SP 800-90B: 4 SP 800-132: 1 SP 800-133: 1 SP 800-38D: 1 SP 800-38F: 1 SP 800-90A: 1 PKCS: PKCS#1: 5	FIPS: FIPS 140-3: 16 FIPS 180-4: 2 FIPS 186-5: 9 FIPS 197: 3 FIPS 198-1: 2 ISO: ISO/IEC 19790: 2 ISO/IEC 19790:2012: 1 ISO/IEC 24759: 4 NIST: NIST SP 800-90A: 3 NIST SP 800-90B: 3 SP 800-132: 1 SP 800-133: 1 SP 800-90A: 1 SP 800-90B: 1 PKCS: PKCS#1: 17
pdf_data/keywords/javacard_version
pdf_data/keywords/javacard_api_const
pdf_data/keywords/javacard_packages
pdf_data/keywords/certification_process
pdf_data/policy_metadata	/Author: Moshe Harel /CreationDate: D:20240725155015+03'00' /Creator: Microsoft® Word for Microsoft 365 /ModDate: D:20240725155015+03'00' /Producer: Microsoft® Word for Microsoft 365 /Subject: FIPS 140-2 Security Policy /Title: Non-Proprietary FIPS 140-2 Security Policy pdf_file_size_bytes: 988568 pdf_hyperlinks: http://www.docusign.com/, https://csrc.nist.gov/projects/cryptographic-module-validation-program/entropy-validations/certificate/10, http://csrc.nist.gov/groups/STM/cmvp/index.html, mailto:[email protected], https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=17785, https://support.docusign.com/en/contactSupport, https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=17784, https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/entropy/E10_PublicUse.pdf pdf_is_encrypted: False pdf_number_of_pages: 34	/Author: Andrew Donofrio /CreationDate: D:20240820155822+03'00' /Creator: Microsoft® Word for Microsoft 365 /Keywords: FIPS 140-1 Security Policy Documentation Submission Template /ModDate: D:20240820155822+03'00' /Producer: Microsoft® Word for Microsoft 365 /Subject: FIPS 140-1 Security Policy /Title: Non-Proprietary FIPS 140-1 Security Policy pdf_file_size_bytes: 1177108 pdf_hyperlinks: http://www.docusign.com/, https://csrc.nist.gov/projects/cryptographic-module-validation-program/entropy-validations/certificate/10, http://csrc.nist.gov/groups/STM/cmvp/index.html, https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?validation=37010, mailto:[email protected], https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?validation=37014, https://support.docusign.com/en/contactSupport, https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/entropy/E10_PublicUse.pdf pdf_is_encrypted: False pdf_number_of_pages: 51
state/module_download_ok	True	True
state/module_extract_ok	True	True
state/policy_convert_garbage	False	False
state/policy_convert_ok	True	True
state/policy_download_ok	True	True
state/policy_extract_ok	True	True
state/policy_pdf_hash	Different	Different
state/policy_txt_hash	Different	Different
web_data/caveat	When operated in FIPS mode; The module generates cryptographic keys whose strengths are modified by available entropy.	Interim validation. When operated in FIPS mode; The module generates cryptographic keys whose strengths are modified by available entropy.
web_data/certificate_pdf_url	https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/February 2023_010323_0649.pdf	https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/August 2024_010924_0336.pdf
web_data/date_sunset	21.09.2026	27.08.2026
web_data/description	None	The DocuSign QSCD Appliance is a digital signature product intended to be used as a Qualified Signature Creation Device (QSCD) in a secure operational environment. It is a highly secure, high capacity network attached HSM. The device consists of COTS hardware, tamper resistance hardware, a hardened operating system, an internal database and server software.
web_data/embodiment	Multi-Chip Stand Alone	Multi-Chip Stand Alone
web_data/exceptions	Mitigation of Other Attacks: N/A, None, None, None, None	Operational environment: N/A, Non-invasive security: N/A, Mitigation of other attacks: N/A, Documentation requirements: N/A, Cryptographic module security policy: N/A
web_data/fw_versions	1, ., 1, ., 0, ., 1, 0	1, ., 2, ., 0, ., 7, None
web_data/historical_reason	None	None
web_data/hw_versions	2, ., 0, ., 0, ., 0	2, ., 0, ., 0, ., 0
web_data/level	3	3
web_data/mentioned_certs
web_data/module_name	DocuSign QSCD Appliance	DocuSign QSCD Appliance
web_data/module_type	Hardware	Hardware
web_data/revoked_link	None	None
web_data/revoked_reason	None	None
web_data/standard	FIPS 140-2	FIPS 140-3
web_data/status	active	active
web_data/sw_versions	None	None
web_data/tested_conf	[]	[]
web_data/validation_history	date: 22.02.2023 lab: EWA CANADA validation_type: Initial	date: 28.08.2024 lab: EWA CANADA validation_type: Initial
web_data/vendor	DocuSign Ltd.	DocuSign, Inc.
web_data/vendor_url	http://www.docusign.com	http://www.docusign.com