1234237 – [QE] Remove Important note in Password Hashing section

Bug 1234237 - [QE] Remove Important note in Password Hashing section

Summary: [QE] Remove Important note in Password Hashing section

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	JBoss Enterprise Application Platform 6
Classification:	JBoss
Component:	Documentation
Sub Component:
Version:	6.4.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	high
Target Milestone:	post-GA
Target Release:	---
Assignee:	Zach Rhoads
QA Contact:	Josef Cacek
Docs Contact:
URL:	https://access.stage.redhat.com/beta/...
Whiteboard:
Depends On:
Blocks:	1233489
TreeView+	depends on / blocked

Reported:	2015-06-22 07:36 UTC by Josef Cacek
Modified:	2018-01-15 12:12 UTC (History)
CC List:	3 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:	2015-10-20 12:58:38 UTC
Type:	Bug
Embargoed:

Attachments	(Terms of Use)

Description Josef Cacek 2015-06-22 07:36:31 UTC

Book: Security Architecture
Revision: n_1415923_security-architecture_version_6.4_edition_1.0_release_0-revision_1
Section: Password Hashing

Issue description:
There is an "Important" paragraph in the section. 
"Red Hat JBoss Enterprise Application Platform Common Criteria certified release only supports SHA-256 for password hashing."

This's only related to Common Criteria (CC) certification. The only CC-certified EAP 6.x version is 6.2.2, so this note is not valid for EAP 6.4.x.

Suggestions for improvement:
Remove the "Important" note.
If there is a need to keep the note in the section, then the text should be rephrased to sth like
"Red Hat JBoss Enterprise Application Platform Common Criteria certified configuration doesn't  support hash algorithms weaker than SHA-256."

Note You need to log in before you can comment on or make changes to this bug.