IBM Support

IBM Rational ClearQuest's support for NIST SP 800-131A guidelines

Technote (FAQ)


What support does Rational ClearQuest provide for organizations wishing to comply with NIST SP 800-131A guidelines?


US. Government organizations might be required to support NIST SP 800-131A guidelines These guidelines place certain restrictions on the types of cryptographic algorithms that are used in application deployments.


If your organization must comply with NIST SP 800-131A guidelines, the following ClearQuest deployment configurations can help with compliance.

The following information can help you determine whether your ClearQuest deployment conforms to the NIST SP 800-131A guidelines:
  • ClearQuest cryptographic keys adhere to a minimum key strength of 112 bits for FIPS 140-2 conforming deployments.
  • ClearQuest does not provide digital signature capability as defined by the guidelines. Use of the ClearQuest eSignature package does not conform to the guidelines of a digital signature since it is not using digital certificates. The eSignature package should not be applied.
  • ClearQuest uses an approved Java random number generator.

Document information

More support for: Rational ClearQuest
Web Server (7.1)

Software version:

Operating system(s): AIX, Linux, Solaris, Windows

Reference #: 1649580

Modified date: 27 September 2013