Validation
An overall rating is issued for the cryptographic module, which indicates:
- the minimum of the independent ratings received in the areas with levels, and
- the fulfillment of all the requirements in the other areas.
On a vendor's validation certificate, individual ratings are listed, as well as the overall rating.
NIST maintains validation lists for all of its cryptographic standards testing programs (past and present). All of these lists are updated as new modules/implementations receive validation certificates from NIST and CSE. Items on the FIPS 140-1 and FIPS 140-2 validation list reference validated algorithm implementations that appear on the algorithm validation lists.
Read more about this topic: FIPS 140-2