Hello . I have been advised that the pending 2020 R3 MIP SDK has some changes in it with regard to FIPS 140-2 Compliance.Can I please have some information on what changes are included and so we can assess any impacts on our customers.

Here is 2020 R3 SDK introduction –

MIPSDK General

XProtect 2020 R3 can be configured to operate in a FIPS 140-2 compliant mode, which also affects certain parts of the SDK and APIs:

Default value for DBExporter.EncryptionStrength has been changed from DES-56 to AES-256.

On a FIPS enabled system, database exports will fail if they use a non-FIPS compliant encryption method.

On a FIPS enabled system, load of exports in database format will fail if they have been encrypted with a non-FIPS compliant encryption method.

Access to licenses (either system or MIP) and feature flags through either EnvironmentManager.SystemLicense or the LicenseManager classes from a pre 2020 R3 standalone or Smart Client integration towards a FIPS enabled VMS will not work. If FIPS is not enabled on the server, the access will still work.

On a FIPS enabled system, pre 2020 R3 MIP SDK versions of MediaProviderService will not work. Similarly, the MediaProviderService cannot communicate with a pre 2020 R3 MIPDriver that is running on a FIPS enabled system.

In general, our partners - especially those with customers running with FIPS enabled - are encouraged to upgrade their standalone integrations to use the 2020 R3 MIP SDK, and also to make sure that their integrations are FIPS compliant.

Item class now has a new property named Encrypt. If this is set to true, everything in the Properties dictionary of the Item will be encrypted before storing in the server database, and decrypted whenever accessed.

Thank you Rie. When will R3 be available for our team to review? (even if it’s an early build)

2020 R3 will release on 29th October.