What is the position of SQLCE 3.5 when running on Windows Mobile 6.0 in relation to FIPS compliance.
I have read lots of differing reports on this and need a definitive answer, one which comes from a reliable source (please provide links)
I have read this "The encryption modes in SQL Server Compact 3.5 are FIPS complaint if FIPS mode is enabled at the OS level."
Is this true? if so how does one enable it at the OS level.
What this means is that you have to have AES128 support in the OS image and if it is there, then the SQL Compact engine will use it. In Windows CE, if you're creating the OS, then you can decide what parts of crypto to put in, and I believe that AES128 is part of the standard crypto offering (I can't verify because I don't have a PC with Platform Builder on it readily available to me right now).
For Windows Mobile you can't do anything to turn it on or off - it's either there or it isn't. Early versions (i.e. old Pocket PC and Pocket PS 2003 IIRC) had only 56-bit encryption as shipped from the OEM. Based on Microsoft's published info on the Windows Mobile Security Architecture, it looks like WinMo 5.0 and later are now all FIPS compliant.