From 4aec4bc09db7027e419a464fa1ed12b31631f71f Mon Sep 17 00:00:00 2001
From: Daniel Simpson <dansimp@microsoft.com>
Date: Thu, 20 Aug 2020 10:45:39 -0700
Subject: [PATCH] <strong> tags causing loc issues. replacing w <b>

---
 .../active-directory-accounts.md              |    8 +-
 .../access-control/local-accounts.md          |   14 +-
 .../credential-guard-requirements.md          |    4 +-
 .../hello-feature-pin-reset.md                |    2 +-
 .../hello-how-it-works-provisioning.md        |    2 +-
 .../hello-hybrid-aadj-sso-base.md             |    4 +-
 .../remote-credential-guard.md                |    2 +-
 .../how-user-account-control-works.md         |    2 +-
 .../bitlocker/bitlocker-basic-deployment.md   |   30 +-
 .../bitlocker-group-policy-settings.md        |  734 +++----
 ...ve-encryption-tools-to-manage-bitlocker.md |   28 +-
 ...nd-storage-area-networks-with-bitlocker.md |   38 +-
 .../app-behavior-with-wip.md                  |   14 +-
 .../create-wip-policy-using-configmgr.md      |   20 +-
 .../enlightened-microsoft-apps-and-wip.md     |    2 +-
 .../limitations-with-wip.md                   |   26 +-
 .../testing-scenarios-for-wip.md              |   56 +-
 .../threat-protection/auditing/event-4626.md  |    2 +-
 .../threat-protection/auditing/event-4670.md  |    2 +-
 .../threat-protection/auditing/event-4672.md  |    2 +-
 .../threat-protection/auditing/event-4673.md  |   62 +-
 .../threat-protection/auditing/event-4674.md  |   66 +-
 .../threat-protection/auditing/event-4688.md  |    4 +-
 .../threat-protection/auditing/event-4741.md  |    2 +-
 .../threat-protection/auditing/event-4742.md  |    2 +-
 .../threat-protection/auditing/event-4907.md  |    2 +-
 .../threat-protection/auditing/event-5140.md  |    2 +-
 .../threat-protection/auditing/event-5142.md  |    2 +-
 .../threat-protection/auditing/event-5143.md  |    2 +-
 .../threat-protection/auditing/event-5144.md  |    2 +-
 ...tion-based-protection-of-code-integrity.md |    4 +-
 .../threat-protection/fips-140-validation.md  | 1876 ++++++++---------
 .../intelligence/support-scams.md             |    2 +-
 .../configure-arcsight.md                     |    6 +-
 .../event-error-codes.md                      |    6 +-
 ...defender-smartscreen-available-settings.md |   96 +-
 ...iew-of-threat-mitigations-in-windows-10.md |    6 +-
 ...-the-health-of-windows-10-based-devices.md |    4 +-
 .../create-a-rule-for-packaged-apps.md        |   20 +-
 .../document-your-application-list.md         |    4 +-
 .../plan-for-applocker-policy-management.md   |    2 +-
 ...ements-for-deploying-applocker-policies.md |    4 +-
 ...stand-applocker-policy-design-decisions.md |    2 +-
 .../applocker/what-is-applocker.md            |    4 +-
 44 files changed, 1587 insertions(+), 1587 deletions(-)
diff --git a/windows/security/identity-protection/access-control/active-directory-accounts.md b/windows/security/identity-protection/access-control/active-directory-accounts.md
index dabc7f749b..2ae163cea6 100644
--- a/windows/security/identity-protection/access-control/active-directory-accounts.md
+++ b/windows/security/identity-protection/access-control/active-directory-accounts.md
@@ -470,7 +470,7 @@ Each default local account in Active Directory has a number of account settings
 </tr>
 <tr class="odd">
 <td><p>Account is trusted for delegation</p></td>
-<td><p>Lets a service running under this account perform operations on behalf of other user accounts on the network. A service running under a user account (also known as a service account) that is trusted for delegation can impersonate a client to gain access to resources, either on the computer where the service is running or on other computers. For example, in a forest that is set to the Windows Server 2003 functional level, this setting is found on the <strong>Delegation</strong> tab. It is available only for accounts that have been assigned service principal names (SPNs), which are set by using the <strong>setspn</strong> command from Windows Support Tools. This setting is security-sensitive and should be assigned cautiously.</p></td>
+<td><p>Lets a service running under this account perform operations on behalf of other user accounts on the network. A service running under a user account (also known as a service account) that is trusted for delegation can impersonate a client to gain access to resources, either on the computer where the service is running or on other computers. For example, in a forest that is set to the Windows Server 2003 functional level, this setting is found on the <b>Delegation</b> tab. It is available only for accounts that have been assigned service principal names (SPNs), which are set by using the <b>setspn</b> command from Windows Support Tools. This setting is security-sensitive and should be assigned cautiously.</p></td>
 </tr>
 <tr class="even">
 <td><p>Account is sensitive and cannot be delegated</p></td>
@@ -480,7 +480,7 @@ Each default local account in Active Directory has a number of account settings
 <td><p>Use DES encryption types for this account</p></td>
 <td><p>Provides support for the Data Encryption Standard (DES). DES supports multiple levels of encryption, including Microsoft Point-to-Point Encryption (MPPE) Standard (40-bit and 56-bit), MPPE standard (56-bit), MPPE Strong (128-bit), Internet Protocol security (IPSec) DES (40-bit), IPSec 56-bit DES, and IPSec Triple DES (3DES).</p>
 <div class="alert">
-<strong>Note</strong><br/><p>DES is not enabled by default in Windows Server operating systems starting with Windows Server 2008 R2, nor in Windows client operating systems starting with Windows 7. For these operating systems, computers will not use DES-CBC-MD5 or DES-CBC-CRC cipher suites by default. If your environment requires DES, then this setting might affect compatibility with client computers or services and applications in your environment. For more information, see <a href="https://blogs.technet.com/b/askds/archive/2010/10/19/hunting-down-des-in-order-to-securely-deploy-kerberos.aspx" data-raw-source="[Hunting down DES in order to securely deploy Kerberos](https://blogs.technet.com/b/askds/archive/2010/10/19/hunting-down-des-in-order-to-securely-deploy-kerberos.aspx)">Hunting down DES in order to securely deploy Kerberos</a>.</p>
+<b>Note</b><br/><p>DES is not enabled by default in Windows Server operating systems starting with Windows Server 2008 R2, nor in Windows client operating systems starting with Windows 7. For these operating systems, computers will not use DES-CBC-MD5 or DES-CBC-CRC cipher suites by default. If your environment requires DES, then this setting might affect compatibility with client computers or services and applications in your environment. For more information, see <a href="https://blogs.technet.com/b/askds/archive/2010/10/19/hunting-down-des-in-order-to-securely-deploy-kerberos.aspx" data-raw-source="[Hunting down DES in order to securely deploy Kerberos](https://blogs.technet.com/b/askds/archive/2010/10/19/hunting-down-des-in-order-to-securely-deploy-kerberos.aspx)">Hunting down DES in order to securely deploy Kerberos</a>.</p>
 </div>
 <div>
 
@@ -656,8 +656,8 @@ In this procedure, the workstations are dedicated to domain administrators. By s
         </colgroup>
         <tbody>
         <tr class="odd">
-        <td><p><strong>Windows Update Setting</strong></p></td>
-        <td><p><strong>Configuration</strong></p></td>
+        <td><p><b>Windows Update Setting</b></p></td>
+        <td><p><b>Configuration</b></p></td>
         </tr>
         <tr class="even">
         <td><p>Allow Automatic Updates immediate installation</p></td>
diff --git a/windows/security/identity-protection/access-control/local-accounts.md b/windows/security/identity-protection/access-control/local-accounts.md
index 7e7c2236cd..56e4f2edf2 100644
--- a/windows/security/identity-protection/access-control/local-accounts.md
+++ b/windows/security/identity-protection/access-control/local-accounts.md
@@ -297,9 +297,9 @@ The following table shows the Group Policy and registry settings that are used t
 </colgroup>
 <tbody>
 <tr class="odd">
-<td><p><strong>No.</strong></p></td>
-<td><p><strong>Setting</strong></p></td>
-<td><p><strong>Detailed Description</strong></p></td>
+<td><p><b>No.</b></p></td>
+<td><p><b>Setting</b></p></td>
+<td><p><b>Detailed Description</b></p></td>
 </tr>
 <tr class="even">
 <td><p></p></td>
@@ -334,7 +334,7 @@ The following table shows the Group Policy and registry settings that are used t
 <tr class="even">
 <td><p>3</p></td>
 <td><p>Registry key</p></td>
-<td><p><strong>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System</strong></p></td>
+<td><p><b>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System</b></p></td>
 </tr>
 <tr class="odd">
 <td><p></p></td>
@@ -444,9 +444,9 @@ The following table shows the Group Policy settings that are used to deny networ
 </colgroup>
 <tbody>
 <tr class="odd">
-<td><p><strong>No.</strong></p></td>
-<td><p><strong>Setting</strong></p></td>
-<td><p><strong>Detailed Description</strong></p></td>
+<td><p><b>No.</b></p></td>
+<td><p><b>Setting</b></p></td>
+<td><p><b>Detailed Description</b></p></td>
 </tr>
 <tr class="even">
 <td><p></p></td>
diff --git a/windows/security/identity-protection/credential-guard/credential-guard-requirements.md b/windows/security/identity-protection/credential-guard/credential-guard-requirements.md
index 7f5c4ffe62..25d125585e 100644
--- a/windows/security/identity-protection/credential-guard/credential-guard-requirements.md
+++ b/windows/security/identity-protection/credential-guard/credential-guard-requirements.md
@@ -98,7 +98,7 @@ The following tables describe baseline protections, plus protections for improve
 | Hardware: **Trusted Platform Module (TPM)**  |  **Requirement**: TPM 1.2 or TPM 2.0, either discrete or firmware.<br>[TPM recommendations](https://technet.microsoft.com/itpro/windows/keep-secure/tpm-recommendations) | A TPM provides protection for VBS encryption keys that are stored in the firmware. This helps protect against attacks involving a physically present user with BIOS access. |
 | Firmware: **UEFI firmware version 2.3.1.c or higher with UEFI Secure Boot** | **Requirements**: See the following Windows Hardware Compatibility Program requirement: [System.Fundamentals.Firmware.UEFISecureBoot](https://msdn.microsoft.com/library/windows/hardware/dn932805.aspx#system-fundamentals-firmware-uefisecureboot)| UEFI Secure Boot helps ensure that the device boots only authorized code. This can prevent boot kits and root kits from installing and persisting across reboots.  |
 | Firmware: **Secure firmware update process**  | **Requirements**: UEFI firmware must support secure firmware update found under the following Windows Hardware Compatibility Program requirement: [System.Fundamentals.Firmware.UEFISecureBoot](https://msdn.microsoft.com/library/windows/hardware/dn932805.aspx#system-fundamentals-firmware-uefisecureboot).| UEFI firmware just like software can have security vulnerabilities that, when found, need to be patched through firmware updates. Patching helps prevent root kits from getting installed. |
-| Software: Qualified **Windows operating system**  | **Requirement**: Windows 10 Enterprise, Windows 10 Education, Windows Server 2016, or Windows 10 IoT Enterprise<br><blockquote><p><strong>Important:</strong><br> Windows Server 2016 running as a domain controller does not support Windows Defender Credential Guard. </p></blockquote> |Support for VBS and for management features that simplify configuration of Windows Defender Credential Guard. |
+| Software: Qualified **Windows operating system**  | **Requirement**: Windows 10 Enterprise, Windows 10 Education, Windows Server 2016, or Windows 10 IoT Enterprise<br><blockquote><p><b>Important:</b><br> Windows Server 2016 running as a domain controller does not support Windows Defender Credential Guard. </p></blockquote> |Support for VBS and for management features that simplify configuration of Windows Defender Credential Guard. |
 
 > [!IMPORTANT]
 > The following tables list additional qualifications for improved security. We strongly recommend meeting the additional qualifications to significantly strengthen the level of security that Windows Defender Credential Guard can provide.
@@ -133,5 +133,5 @@ The following table lists qualifications for Windows 10, version 1703, which are
 
 | Protections for Improved Security  | Description  | Security Benefits
 |---|---|---|
-| Firmware: **VBS enablement of NX protection for UEFI runtime services** | **Requirements**:<br>• VBS will enable No-Execute (NX) protection on UEFI runtime service code and data memory regions. UEFI runtime service code must support read-only page protections, and UEFI runtime service data must not be executable.<br>• UEFI runtime service must meet these requirements: <br>&nbsp;&nbsp;&nbsp;&nbsp;- Implement UEFI 2.6 EFI_MEMORY_ATTRIBUTES_TABLE. All UEFI runtime service memory (code and data) must be described by this table. <br>&nbsp;&nbsp;&nbsp;&nbsp;- PE sections need to be page-aligned in memory (not required for in non-volatile storage).<br>&nbsp;&nbsp;&nbsp;&nbsp;- The Memory Attributes Table needs to correctly mark code and data as RO/NX for configuration by the OS:<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;- All entries must include attributes EFI_MEMORY_RO, EFI_MEMORY_XP, or both <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;- No entries may be left with neither of the above attributes, indicating memory that is both executable and writable. Memory must be either readable and executable or writeable and non-executable. <br><blockquote><p><strong>Notes:</strong><br>• This only applies to UEFI runtime service memory, and not UEFI boot service memory. <br>• This protection is applied by VBS on OS page tables.</p></blockquote><br> Please also note the following: <br>• Do not use sections that are both writeable and executable<br>• Do not attempt to directly modify executable system memory<br>• Do not use dynamic code | • Vulnerabilities in UEFI runtime, if any, will be blocked from compromising VBS (such as in functions like UpdateCapsule and SetVariable)<br>• Reduces the attack surface to VBS from system firmware.     |
+| Firmware: **VBS enablement of NX protection for UEFI runtime services** | **Requirements**:<br>• VBS will enable No-Execute (NX) protection on UEFI runtime service code and data memory regions. UEFI runtime service code must support read-only page protections, and UEFI runtime service data must not be executable.<br>• UEFI runtime service must meet these requirements: <br>&nbsp;&nbsp;&nbsp;&nbsp;- Implement UEFI 2.6 EFI_MEMORY_ATTRIBUTES_TABLE. All UEFI runtime service memory (code and data) must be described by this table. <br>&nbsp;&nbsp;&nbsp;&nbsp;- PE sections need to be page-aligned in memory (not required for in non-volatile storage).<br>&nbsp;&nbsp;&nbsp;&nbsp;- The Memory Attributes Table needs to correctly mark code and data as RO/NX for configuration by the OS:<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;- All entries must include attributes EFI_MEMORY_RO, EFI_MEMORY_XP, or both <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;- No entries may be left with neither of the above attributes, indicating memory that is both executable and writable. Memory must be either readable and executable or writeable and non-executable. <br><blockquote><p><b>Notes:</b><br>• This only applies to UEFI runtime service memory, and not UEFI boot service memory. <br>• This protection is applied by VBS on OS page tables.</p></blockquote><br> Please also note the following: <br>• Do not use sections that are both writeable and executable<br>• Do not attempt to directly modify executable system memory<br>• Do not use dynamic code | • Vulnerabilities in UEFI runtime, if any, will be blocked from compromising VBS (such as in functions like UpdateCapsule and SetVariable)<br>• Reduces the attack surface to VBS from system firmware.     |
 | Firmware: **Firmware support for SMM protection** | **Requirements**: The [Windows SMM Security Mitigations Table (WSMT) specification](https://download.microsoft.com/download/1/8/A/18A21244-EB67-4538-BAA2-1A54E0E490B6/WSMT.docx) contains details of an Advanced Configuration and Power Interface (ACPI) table that was created for use with Windows operating systems that support Windows virtualization-based security (VBS) features. |  • Protects against potential vulnerabilities in UEFI runtime services, if any, will be blocked from compromising VBS (such as in functions like UpdateCapsule and SetVariable)<br>• Reduces the attack surface to VBS from system firmware.<br>• Blocks additional security attacks against SMM. |
diff --git a/windows/security/identity-protection/hello-for-business/hello-feature-pin-reset.md b/windows/security/identity-protection/hello-for-business/hello-feature-pin-reset.md
index 33a9c450e1..7a92ed864a 100644
--- a/windows/security/identity-protection/hello-for-business/hello-feature-pin-reset.md
+++ b/windows/security/identity-protection/hello-for-business/hello-feature-pin-reset.md
@@ -84,7 +84,7 @@ To configure PIN reset on Windows devices you manage, use an [Intune Windows 10
 1. In the **Custom OMA-URI Settings** blade, Click **Add**.
 1. In the **Add Row** blade, type **PIN Reset Settings** in the **Name** field. In the **OMA-URI** field, type **./Device/Vendor/MSFT/PassportForWork/*tenant ID*/Policies/EnablePinRecovery** where <b>*tenant ID*</b> is your Azure Active Directory tenant ID from step 2.
 1. Select **Boolean** from the **Data type** list and select **True** from the **Value** list.
-1. Click **OK** to save the row configuration. Click **OK** to close the <strong>Custom OMA-URI Settings blade.  Click **Create</strong> to save the profile.
+1. Click **OK** to save the row configuration. Click **OK** to close the <b>Custom OMA-URI Settings blade.  Click **Create</b> to save the profile.
  
 #### Assign the PIN Reset Device configuration profile using Microsoft Intune
 
diff --git a/windows/security/identity-protection/hello-for-business/hello-how-it-works-provisioning.md b/windows/security/identity-protection/hello-for-business/hello-how-it-works-provisioning.md
index f220db21f6..0fb161ccb5 100644
--- a/windows/security/identity-protection/hello-for-business/hello-how-it-works-provisioning.md
+++ b/windows/security/identity-protection/hello-for-business/hello-how-it-works-provisioning.md
@@ -17,7 +17,7 @@ ms.reviewer:
 ---
 # Windows Hello for Business Provisioning
 <span id="windows-hello-for-business-provisioning" />
-<strong>Applies to:</strong>
+<b>Applies to:</b>
 -   Windows 10
 
 Windows Hello for Business provisioning enables a user to enroll a new, strong, two-factor credential that they can use for passwordless authentication.  Provisioning experience vary based on:
diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso-base.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso-base.md
index ae11903279..8ea5343d35 100644
--- a/windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso-base.md
+++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso-base.md
@@ -187,7 +187,7 @@ The web server is ready to host the CRL distribution point.  Now, configure the
 1. On the issuing certificate authority, sign-in as a local administrator.  Start the **Certificate Authority** console from **Administrative Tools**. 
 2. In the navigation pane, right-click the name of the certificate authority and click **Properties**
 3. Click **Extensions**.  On the **Extensions** tab, select **CRL Distribution Point (CDP)** from the **Select extension** list.
-4. On the **Extensions** tab, click **Add**. Type <strong>http://crl.[domainname]/cdp/</strong> in **location**.  For example, *<http://crl.corp.contoso.com/cdp/>* or *<http://crl.contoso.com/cdp/>* (do not forget the trailing forward slash). 
+4. On the **Extensions** tab, click **Add**. Type <b>http://crl.[domainname]/cdp/</b> in **location**.  For example, *<http://crl.corp.contoso.com/cdp/>* or *<http://crl.contoso.com/cdp/>* (do not forget the trailing forward slash). 
    ![CDP New Location dialog box](images/aadj/cdp-extension-new-location.png)
 5. Select **\<CaName>** from the **Variable** list and click **Insert**.  Select **\<CRLNameSuffix>** from the **Variable** list and click **Insert**.  Select **\<DeltaCRLAllowed>** from the **Variable** list and click **Insert**.
 6. Type **.crl** at the end of the text in **Location**. Click **OK**.
@@ -225,7 +225,7 @@ The web server is ready to host the CRL distribution point.  Now, configure the
 
 Validate your new CRL distribution point is working. 
 
-1. Open a web browser.  Navigate to <strong>http://crl.[yourdomain].com/cdp</strong>.  You should see two files created from publishing your new CRL.
+1. Open a web browser.  Navigate to <b>http://crl.[yourdomain].com/cdp</b>.  You should see two files created from publishing your new CRL.
    ![Validate the new CRL](images/aadj/validate-cdp-using-browser.png)
 
 ### Reissue domain controller certificates
diff --git a/windows/security/identity-protection/remote-credential-guard.md b/windows/security/identity-protection/remote-credential-guard.md
index 4e95da0531..373339ebcd 100644
--- a/windows/security/identity-protection/remote-credential-guard.md
+++ b/windows/security/identity-protection/remote-credential-guard.md
@@ -58,7 +58,7 @@ Use the following table to compare different Remote Desktop connection security
 |                                                 **Protection benefits**                                                  |                                Credentials on the server are not protected from Pass-the-Hash attacks.                                 |  User credentials remain on the client. An attacker can act on behalf of the user *only* when the session is ongoing   |                                                                                  User logs on to the server as local administrator, so an attacker cannot act on behalf of the “domain user”. Any attack is local to the server                                                                                   |
 |                                                   **Version support**                                                    |                                        The remote computer can run any Windows operating system                                        | Both the client and the remote computer must be running **at least Windows 10, version 1607, or Windows Server 2016**. | The remote computer must be running **at least patched Windows 7 or patched Windows Server 2008 R2**. <br /><br />For more information about patches (software updates) related to Restricted Admin mode, see [Microsoft Security Advisory 2871997](https://technet.microsoft.com/library/security/2871997.aspx). |
 | **Helps prevent**   &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;   &nbsp;&nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp;&nbsp; |                             &nbsp;&nbsp;&nbsp;&nbsp; N/A &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;                              |                   <ul><li> Pass-the-Hash</li> <li>Use of a credential after disconnection </li></ul>                   |                                                                                                                <ul><li> Pass-the-Hash</li> <li>Use of domain identity during connection </li></ul>                                                                                                                |
-|                             **Credentials supported from the remote desktop client device**                              | <ul><li><strong>Signed on</strong> credentials <li> <strong>Supplied</strong> credentials<li> <strong>Saved</strong> credentials </ul> |                                  <ul><li> <strong>Signed on</strong> credentials only                                  |                                                                                        <ul><li><strong>Signed on</strong> credentials<li><strong>Supplied</strong> credentials<li><strong>Saved</strong> credentials</ul>                                                                                         |
+|                             **Credentials supported from the remote desktop client device**                              | <ul><li><b>Signed on</b> credentials <li> <b>Supplied</b> credentials<li> <b>Saved</b> credentials </ul> |                                  <ul><li> <b>Signed on</b> credentials only                                  |                                                                                        <ul><li><b>Signed on</b> credentials<li><b>Supplied</b> credentials<li><b>Saved</b> credentials</ul>                                                                                         |
 |                                                        **Access**                                                        |                           **Users allowed**, that is, members of Remote Desktop Users group of remote host.                            |                      **Users allowed**, that is, members of Remote Desktop Users of remote host.                       |                                                                                                              **Administrators only**, that is, only members of Administrators group of remote host.                                                                                                               |
 |                                                   **Network identity**                                                   |                               Remote Desktop session **connects to other resources as signed-in user**.                                |                       Remote Desktop session **connects to other resources as signed-in user**.                        |                                                                                                                 Remote Desktop session **connects to other resources as remote host’s identity**.                                                                                                                 |
 |                                                      **Multi-hop**                                                       |                        From the remote desktop, **you can connect through Remote Desktop to another computer**                         |                From the remote desktop, you **can connect through Remote Desktop to another computer**.                |                                                                                                                      Not allowed for user as the session is running as a local host account                                                                                                                       |
diff --git a/windows/security/identity-protection/user-account-control/how-user-account-control-works.md b/windows/security/identity-protection/user-account-control/how-user-account-control-works.md
index 4a92507705..560f4b240c 100644
--- a/windows/security/identity-protection/user-account-control/how-user-account-control-works.md
+++ b/windows/security/identity-protection/user-account-control/how-user-account-control-works.md
@@ -270,7 +270,7 @@ To better understand each component, review the table below:
 </tr>
 </table>
  
-The slider will never turn UAC completely off. If you set it to <strong>Never notify</strong>, it will:
+The slider will never turn UAC completely off. If you set it to <b>Never notify</b>, it will:
 
 -   Keep the UAC service running.
 -   Cause all elevation request initiated by administrators to be auto-approved without showing a UAC prompt.
diff --git a/windows/security/information-protection/bitlocker/bitlocker-basic-deployment.md b/windows/security/information-protection/bitlocker/bitlocker-basic-deployment.md
index 96fc9bd8c2..405ffb126f 100644
--- a/windows/security/information-protection/bitlocker/bitlocker-basic-deployment.md
+++ b/windows/security/information-protection/bitlocker/bitlocker-basic-deployment.md
@@ -252,11 +252,11 @@ Windows PowerShell cmdlets provide an alternative way to work with BitLocker. Us
 </colgroup>
 <tbody>
 <tr class="odd">
-<td align="left"><p><strong>Name</strong></p></td>
-<td align="left"><p><strong>Parameters</strong></p></td>
+<td align="left"><p><b>Name</b></p></td>
+<td align="left"><p><b>Parameters</b></p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Add-BitLockerKeyProtector</strong></p></td>
+<td align="left"><p><b>Add-BitLockerKeyProtector</b></p></td>
 <td align="left"><p>-ADAccountOrGroup</p>
 <p>-ADAccountOrGroupProtector</p>
 <p>-Confirm</p>
@@ -278,26 +278,26 @@ Windows PowerShell cmdlets provide an alternative way to work with BitLocker. Us
 <p>-WhatIf</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Backup-BitLockerKeyProtector</strong></p></td>
+<td align="left"><p><b>Backup-BitLockerKeyProtector</b></p></td>
 <td align="left"><p>-Confirm</p>
 <p>-KeyProtectorId</p>
 <p>-MountPoint</p>
 <p>-WhatIf</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Disable-BitLocker</strong></p></td>
+<td align="left"><p><b>Disable-BitLocker</b></p></td>
 <td align="left"><p>-Confirm</p>
 <p>-MountPoint</p>
 <p>-WhatIf</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Disable-BitLockerAutoUnlock</strong></p></td>
+<td align="left"><p><b>Disable-BitLockerAutoUnlock</b></p></td>
 <td align="left"><p>-Confirm</p>
 <p>-MountPoint</p>
 <p>-WhatIf</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Enable-BitLocker</strong></p></td>
+<td align="left"><p><b>Enable-BitLocker</b></p></td>
 <td align="left"><p>-AdAccountOrGroup</p>
 <p>-AdAccountOrGroupProtector</p>
 <p>-Confirm</p>
@@ -322,44 +322,44 @@ Windows PowerShell cmdlets provide an alternative way to work with BitLocker. Us
 <p>-WhatIf</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Enable-BitLockerAutoUnlock</strong></p></td>
+<td align="left"><p><b>Enable-BitLockerAutoUnlock</b></p></td>
 <td align="left"><p>-Confirm</p>
 <p>-MountPoint</p>
 <p>-WhatIf</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Get-BitLockerVolume</strong></p></td>
+<td align="left"><p><b>Get-BitLockerVolume</b></p></td>
 <td align="left"><p>-MountPoint</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Lock-BitLocker</strong></p></td>
+<td align="left"><p><b>Lock-BitLocker</b></p></td>
 <td align="left"><p>-Confirm</p>
 <p>-ForceDismount</p>
 <p>-MountPoint</p>
 <p>-WhatIf</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Remove-BitLockerKeyProtector</strong></p></td>
+<td align="left"><p><b>Remove-BitLockerKeyProtector</b></p></td>
 <td align="left"><p>-Confirm</p>
 <p>-KeyProtectorId</p>
 <p>-MountPoint</p>
 <p>-WhatIf</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Resume-BitLocker</strong></p></td>
+<td align="left"><p><b>Resume-BitLocker</b></p></td>
 <td align="left"><p>-Confirm</p>
 <p>-MountPoint</p>
 <p>-WhatIf</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Suspend-BitLocker</strong></p></td>
+<td align="left"><p><b>Suspend-BitLocker</b></p></td>
 <td align="left"><p>-Confirm</p>
 <p>-MountPoint</p>
 <p>-RebootCount</p>
 <p>-WhatIf</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Unlock-BitLocker</strong></p></td>
+<td align="left"><p><b>Unlock-BitLocker</b></p></td>
 <td align="left"><p>-AdAccountOrGroup</p>
 <p>-Confirm</p>
 <p>-MountPoint</p>
@@ -374,7 +374,7 @@ Windows PowerShell cmdlets provide an alternative way to work with BitLocker. Us
  
 Similar to manage-bde, the Windows PowerShell cmdlets allow configuration beyond the options offered in the control panel. As with manage-bde, users need to consider the specific needs of the volume they are encrypting prior to running Windows PowerShell cmdlets.
 A good initial step is to determine the current state of the volume(s) on the computer. You can do this using the <code>Get-BitLocker</code> volume cmdlet. The output from this cmdlet displays information on the volume type, protectors, protection status, and other useful information.
-Occasionally, all protectors may not be shown when using <strong>Get-BitLockerVolume</strong> due to lack of space in the output display. If you do not see all of the protectors for a volume, you can use the Windows PowerShell pipe command (|) to format a listing of the protectors.
+Occasionally, all protectors may not be shown when using <b>Get-BitLockerVolume</b> due to lack of space in the output display. If you do not see all of the protectors for a volume, you can use the Windows PowerShell pipe command (|) to format a listing of the protectors.
 
 > **Note:**  In the event that there are more than four protectors for a volume, the pipe command may run out of display space. For volumes with more than four protectors, use the method described in the section below to generate a listing of all protectors with protector ID.
  
diff --git a/windows/security/information-protection/bitlocker/bitlocker-group-policy-settings.md b/windows/security/information-protection/bitlocker/bitlocker-group-policy-settings.md
index 436ef15fe7..be8ab9ed7b 100644
--- a/windows/security/information-protection/bitlocker/bitlocker-group-policy-settings.md
+++ b/windows/security/information-protection/bitlocker/bitlocker-group-policy-settings.md
@@ -106,39 +106,39 @@ This policy setting allows users on devices that are compliant with Modern Stand
 </colgroup>
 <tbody>
 <tr class="odd">
-<td align="left"><p><strong>Policy description</strong></p></td>
+<td align="left"><p><b>Policy description</b></p></td>
 <td align="left"><p>With this policy setting, you can allow TPM-only protection for newer, more secure devices, such as devices that support Modern Standby or HSTI, while requiring PIN on older devices.</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Introduced</strong></p></td>
+<td align="left"><p><b>Introduced</b></p></td>
 <td align="left"><p>Windows 10, version 1703</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Drive type</strong></p></td>
+<td align="left"><p><b>Drive type</b></p></td>
 <td align="left"><p>Operating system drives</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Policy path</strong></p></td>
+<td align="left"><p><b>Policy path</b></p></td>
 <td align="left"><p>Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Operating System Drives</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Conflicts</strong></p></td>
+<td align="left"><p><b>Conflicts</b></p></td>
 <td align="left"><p>This setting overrides the <b>Require startup PIN with TPM</b> option of the <a href="#bkmk-unlockpol1" data-raw-source="[Require additional authentication at startup](#bkmk-unlockpol1)">Require additional authentication at startup</a> policy on compliant hardware.
 
 </p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>When enabled</strong></p></td>
+<td align="left"><p><b>When enabled</b></p></td>
 <td align="left"><p>Users on Modern Standby and HSTI compliant devices will have the choice to turn on BitLocker without preboot authentication.</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>When disabled or not configured</strong></p></td>
+<td align="left"><p><b>When disabled or not configured</b></p></td>
 <td align="left"><p>The options of the <a href="#bkmk-unlockpol1" data-raw-source="[Require additional authentication at startup](#bkmk-unlockpol1)">Require additional authentication at startup</a> policy apply.</p></td>
 </tr>
 </tbody>
 </table>
 
-<strong>Reference</strong>
+<b>Reference</b>
 
 The preboot authentication option <b>Require startup PIN with TPM</b> of the [Require additional authentication at startup](#bkmk-unlockpol1) policy is often enabled to help ensure security for older devices that do not support Modern Standby.
 But visually impaired users have no audible way to know when to enter a PIN.
@@ -156,37 +156,37 @@ This policy is used in addition to the BitLocker Drive Encryption Network Unlock
 </colgroup>
 <tbody>
 <tr class="odd">
-<td align="left"><p><strong>Policy description</strong></p></td>
+<td align="left"><p><b>Policy description</b></p></td>
 <td align="left"><p>With this policy setting, you can control whether a BitLocker-protected computer that is connected to a trusted local area network and joined to a domain can create and use network key protectors on TPM-enabled computers to automatically unlock the operating system drive when the computer is started.</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Introduced</strong></p></td>
+<td align="left"><p><b>Introduced</b></p></td>
 <td align="left"><p>Windows Server 2012 and Windows 8</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Drive type</strong></p></td>
+<td align="left"><p><b>Drive type</b></p></td>
 <td align="left"><p>Operating system drives</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Policy path</strong></p></td>
+<td align="left"><p><b>Policy path</b></p></td>
 <td align="left"><p>Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Operating System Drives</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Conflicts</strong></p></td>
+<td align="left"><p><b>Conflicts</b></p></td>
 <td align="left"><p>None</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>When enabled</strong></p></td>
+<td align="left"><p><b>When enabled</b></p></td>
 <td align="left"><p>Clients configured with a BitLocker Network Unlock certificate can create and use Network Key Protectors.</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>When disabled or not configured</strong></p></td>
+<td align="left"><p><b>When disabled or not configured</b></p></td>
 <td align="left"><p>Clients cannot create and use Network Key Protectors</p></td>
 </tr>
 </tbody>
 </table>
 
-<strong>Reference</strong>
+<b>Reference</b>
 
 To use a network key protector to unlock the computer, the computer and the server that hosts BitLocker Drive Encryption Network Unlock must be provisioned with a Network Unlock certificate. The Network Unlock certificate is used to create a network key protector and to protect the information exchange with the server to unlock the computer. You can use the Group Policy setting **Computer Configuration\\Windows Settings\\Security Settings\\Public Key Policies\\BitLocker Drive Encryption Network Unlock Certificate** on the domain controller to distribute this certificate to computers in your organization. This unlock method uses the TPM on the computer, so computers that do not have a TPM cannot create network key protectors to automatically unlock by using Network Unlock.
 
@@ -205,39 +205,39 @@ This policy setting is used to control which unlock options are available for op
 </colgroup>
 <tbody>
 <tr class="odd">
-<td align="left"><p><strong>Policy description</strong></p></td>
+<td align="left"><p><b>Policy description</b></p></td>
 <td align="left"><p>With this policy setting, you can configure whether BitLocker requires additional authentication each time the computer starts and whether you are using BitLocker with a Trusted Platform Module (TPM). This policy setting is applied when you turn on BitLocker.</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Introduced</strong></p></td>
+<td align="left"><p><b>Introduced</b></p></td>
 <td align="left"><p>Windows Server 2008 R2 and Windows 7</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Drive type</strong></p></td>
+<td align="left"><p><b>Drive type</b></p></td>
 <td align="left"><p>Operating system drives</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Policy path</strong></p></td>
+<td align="left"><p><b>Policy path</b></p></td>
 <td align="left"><p>Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Operating System Drives</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Conflicts</strong></p></td>
+<td align="left"><p><b>Conflicts</b></p></td>
 <td align="left"><p>If one authentication method is required, the other methods cannot be allowed.</p>
-<p>Use of BitLocker with a TPM startup key or with a TPM startup key and a PIN must be disallowed if the <strong>Deny write access to removable drives not protected by BitLocker</strong> policy setting is enabled.</p></td>
+<p>Use of BitLocker with a TPM startup key or with a TPM startup key and a PIN must be disallowed if the <b>Deny write access to removable drives not protected by BitLocker</b> policy setting is enabled.</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>When enabled</strong></p></td>
+<td align="left"><p><b>When enabled</b></p></td>
 <td align="left"><p>Users can configure advanced startup options in the BitLocker Setup Wizard.</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>When disabled or not configured</strong></p></td>
+<td align="left"><p><b>When disabled or not configured</b></p></td>
 <td align="left"><p>Users can configure only basic options on computers with a TPM.</p>
 <p>Only one of the additional authentication options can be required at startup; otherwise, a policy error occurs.</p></td>
 </tr>
 </tbody>
 </table>
 
-<strong>Reference</strong>
+<b>Reference</b>
 
 If you want to use BitLocker on a computer without a TPM, select **Allow BitLocker without a compatible TPM**. In this mode, a password or USB drive is required for startup. The USB drive stores the startup key that is used to encrypt the drive. When the USB drive is inserted, the startup key is authenticated and the operating system drive is accessible. If the USB drive is lost or unavailable, BitLocker recovery is required to access the drive.
 
@@ -282,31 +282,31 @@ This policy setting permits the use of enhanced PINs when you use an unlock meth
 </colgroup>
 <tbody>
 <tr class="odd">
-<td align="left"><p><strong>Policy description</strong></p></td>
+<td align="left"><p><b>Policy description</b></p></td>
 <td align="left"><p>With this policy setting, you can configure whether enhanced startup PINs are used with BitLocker.</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Introduced</strong></p></td>
+<td align="left"><p><b>Introduced</b></p></td>
 <td align="left"><p>Windows Server 2008 R2 and Windows 7</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Drive type</strong></p></td>
+<td align="left"><p><b>Drive type</b></p></td>
 <td align="left"><p>Operating system drives</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Policy path</strong></p></td>
+<td align="left"><p><b>Policy path</b></p></td>
 <td align="left"><p>Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Operating System Drives</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Conflicts</strong></p></td>
+<td align="left"><p><b>Conflicts</b></p></td>
 <td align="left"><p>None</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>When enabled</strong></p></td>
+<td align="left"><p><b>When enabled</b></p></td>
 <td align="left"><p>All new BitLocker startup PINs that are set will be enhanced PINs. Existing drives that were protected by using standard startup PINs are not affected.</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>When disabled or not configured</strong></p></td>
+<td align="left"><p><b>When disabled or not configured</b></p></td>
 <td align="left"><p>Enhanced PINs will not be used.</p></td>
 </tr>
 </tbody>
@@ -330,37 +330,37 @@ This policy setting is used to set a minimum PIN length when you use an unlock m
 </colgroup>
 <tbody>
 <tr class="odd">
-<td align="left"><p><strong>Policy description</strong></p></td>
+<td align="left"><p><b>Policy description</b></p></td>
 <td align="left"><p>With this policy setting, you can configure a minimum length for a TPM startup PIN. This policy setting is applied when you turn on BitLocker. The startup PIN must have a minimum length of 4 digits, and it can have a maximum length of 20 digits. By default, the minimum PIN length is 6.</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Introduced</strong></p></td>
+<td align="left"><p><b>Introduced</b></p></td>
 <td align="left"><p>Windows Server 2008 R2 and Windows 7</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Drive type</strong></p></td>
+<td align="left"><p><b>Drive type</b></p></td>
 <td align="left"><p>Operating system drives</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Policy path</strong></p></td>
+<td align="left"><p><b>Policy path</b></p></td>
 <td align="left"><p>Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Operating System Drives</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Conflicts</strong></p></td>
+<td align="left"><p><b>Conflicts</b></p></td>
 <td align="left"><p>None</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>When enabled</strong></p></td>
+<td align="left"><p><b>When enabled</b></p></td>
 <td align="left"><p>You can require that startup PINs set by users must have a minimum length you choose that is between 4 and 20 digits.</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>When disabled or not configured</strong></p></td>
+<td align="left"><p><b>When disabled or not configured</b></p></td>
 <td align="left"><p>Users can configure a startup PIN of any length between 6 and 20 digits.</p></td>
 </tr>
 </tbody>
 </table>
 
-<strong>Reference</strong>
+<b>Reference</b>
 
 This policy setting is applied when you turn on BitLocker.
 The startup PIN must have a minimum length of 4 digits and can have a maximum length of 20 digits.
@@ -413,31 +413,31 @@ This policy setting allows you to configure whether standard users are allowed t
 </colgroup>
 <tbody>
 <tr class="odd">
-<td align="left"><p><strong>Policy description</strong></p></td>
+<td align="left"><p><b>Policy description</b></p></td>
 <td align="left"><p>With this policy setting, you can configure whether standard users are allowed to change the PIN or password used to protect the operating system drive.</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Introduced</strong></p></td>
+<td align="left"><p><b>Introduced</b></p></td>
 <td align="left"><p>Windows Server 2012 and Windows 8</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Drive type</strong></p></td>
+<td align="left"><p><b>Drive type</b></p></td>
 <td align="left"><p>Operating system drives</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Policy path</strong></p></td>
+<td align="left"><p><b>Policy path</b></p></td>
 <td align="left"><p>Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Operating System Drives</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Conflicts</strong></p></td>
+<td align="left"><p><b>Conflicts</b></p></td>
 <td align="left"><p>None</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>When enabled</strong></p></td>
+<td align="left"><p><b>When enabled</b></p></td>
 <td align="left"><p>Standard users are not allowed to change BitLocker PINs or passwords.</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>When disabled or not configured</strong></p></td>
+<td align="left"><p><b>When disabled or not configured</b></p></td>
 <td align="left"><p>Standard users are permitted to change BitLocker PINs or passwords.</p></td>
 </tr>
 </tbody>
@@ -459,37 +459,37 @@ This policy controls how non-TPM based systems utilize the password protector. U
 </colgroup>
 <tbody>
 <tr class="odd">
-<td align="left"><p><strong>Policy description</strong></p></td>
+<td align="left"><p><b>Policy description</b></p></td>
 <td align="left"><p>With this policy setting, you can specify the constraints for passwords that are used to unlock operating system drives that are protected with BitLocker.</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Introduced</strong></p></td>
+<td align="left"><p><b>Introduced</b></p></td>
 <td align="left"><p>Windows Server 2012 and Windows 8</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Drive type</strong></p></td>
+<td align="left"><p><b>Drive type</b></p></td>
 <td align="left"><p>Operating system drives</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Policy path</strong></p></td>
+<td align="left"><p><b>Policy path</b></p></td>
 <td align="left"><p>Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Operating System Drives</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Conflicts</strong></p></td>
+<td align="left"><p><b>Conflicts</b></p></td>
 <td align="left"><p>Passwords cannot be used if FIPS-compliance is enabled.</p>
 <div class="alert">
-<strong>Note</strong><br/><p>The <strong>System cryptography: Use FIPS-compliant algorithms for encryption, hashing, and signing</strong> policy setting, which is located at <strong>Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options</strong> specifies whether FIPS-compliance is enabled.</p>
+<b>Note</b><br/><p>The <b>System cryptography: Use FIPS-compliant algorithms for encryption, hashing, and signing</b> policy setting, which is located at <b>Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options</b> specifies whether FIPS-compliance is enabled.</p>
 </div>
 <div>
 
 </div></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>When enabled</strong></p></td>
-<td align="left"><p>Users can configure a password that meets the requirements you define. To enforce complexity requirements for the password, select <strong>Require complexity</strong>.</p></td>
+<td align="left"><p><b>When enabled</b></p></td>
+<td align="left"><p>Users can configure a password that meets the requirements you define. To enforce complexity requirements for the password, select <b>Require complexity</b>.</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>When disabled or not configured</strong></p></td>
+<td align="left"><p><b>When disabled or not configured</b></p></td>
 <td align="left"><p>The default length constraint of 8 characters will apply to operating system drive passwords and no complexity checks will occur.</p></td>
 </tr>
 </tbody>
@@ -522,37 +522,37 @@ This policy setting is used to control what unlock options are available for com
 </colgroup>
 <tbody>
 <tr class="odd">
-<td align="left"><p><strong>Policy description</strong></p></td>
+<td align="left"><p><b>Policy description</b></p></td>
 <td align="left"><p>With this policy setting, you can control whether the BitLocker Setup Wizard on computers running Windows Vista or Windows Server 2008 can set up an additional authentication method that is required each time the computer starts.</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Introduced</strong></p></td>
+<td align="left"><p><b>Introduced</b></p></td>
 <td align="left"><p>Windows Server 2008 and Windows Vista</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Drive type</strong></p></td>
+<td align="left"><p><b>Drive type</b></p></td>
 <td align="left"><p>Operating system drives (Windows Server 2008 and Windows Vista)</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Policy path</strong></p></td>
+<td align="left"><p><b>Policy path</b></p></td>
 <td align="left"><p>Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Operating System Drives</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Conflicts</strong></p></td>
+<td align="left"><p><b>Conflicts</b></p></td>
 <td align="left"><p>If you choose to require an additional authentication method, other authentication methods cannot be allowed.</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>When enabled</strong></p></td>
+<td align="left"><p><b>When enabled</b></p></td>
 <td align="left"><p>The BitLocker Setup Wizard displays the page that allows the user to configure advanced startup options for BitLocker. You can further configure setting options for computers with or without a TPM.</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>When disabled or not configured</strong></p></td>
+<td align="left"><p><b>When disabled or not configured</b></p></td>
 <td align="left"><p>The BitLocker Setup Wizard displays basic steps that allow users to enable BitLocker on computers with a TPM. In this basic wizard, no additional startup key or startup PIN can be configured.</p></td>
 </tr>
 </tbody>
 </table>
 
-<strong>Reference</strong>
+<b>Reference</b>
 
 On a computer with a compatible TPM, two authentication methods can be used at startup to provide added protection for encrypted data. When the computer starts, it can require users to insert a USB drive that contains a startup key. It can also require users to enter a 6-digit to 20-digit startup PIN.
 
@@ -586,41 +586,41 @@ This policy setting is used to require, allow, or deny the use of smart cards wi
 </colgroup>
 <tbody>
 <tr class="odd">
-<td align="left"><p><strong>Policy description</strong></p></td>
+<td align="left"><p><b>Policy description</b></p></td>
 <td align="left"><p>With this policy setting, you can specify whether smart cards can be used to authenticate user access to the BitLocker-protected fixed data drives on a computer.</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Introduced</strong></p></td>
+<td align="left"><p><b>Introduced</b></p></td>
 <td align="left"><p>Windows Server 2008 R2 and Windows 7</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Drive type</strong></p></td>
+<td align="left"><p><b>Drive type</b></p></td>
 <td align="left"><p>Fixed data drives</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Policy path</strong></p></td>
+<td align="left"><p><b>Policy path</b></p></td>
 <td align="left"><p>Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Fixed Data Drives</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Conflicts</strong></p></td>
-<td align="left"><p>To use smart cards with BitLocker, you may also need to modify the object identifier setting in the <strong>Computer Configuration\Administrative Templates\BitLocker Drive Encryption\Validate smart card certificate usage rule compliance</strong> policy setting to match the object identifier of your smart card certificates.</p></td>
+<td align="left"><p><b>Conflicts</b></p></td>
+<td align="left"><p>To use smart cards with BitLocker, you may also need to modify the object identifier setting in the <b>Computer Configuration\Administrative Templates\BitLocker Drive Encryption\Validate smart card certificate usage rule compliance</b> policy setting to match the object identifier of your smart card certificates.</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>When enabled</strong></p></td>
-<td align="left"><p>Smart cards can be used to authenticate user access to the drive. You can require smart card authentication by selecting the <strong>Require use of smart cards on fixed data drives</strong> check box.</p></td>
+<td align="left"><p><b>When enabled</b></p></td>
+<td align="left"><p>Smart cards can be used to authenticate user access to the drive. You can require smart card authentication by selecting the <b>Require use of smart cards on fixed data drives</b> check box.</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>When disabled</strong></p></td>
+<td align="left"><p><b>When disabled</b></p></td>
 <td align="left"><p>Users cannot use smart cards to authenticate their access to BitLocker-protected fixed data drives.</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>When not configured</strong></p></td>
+<td align="left"><p><b>When not configured</b></p></td>
 <td align="left"><p>Smart cards can be used to authenticate user access to a BitLocker-protected drive.</p></td>
 </tr>
 </tbody>
 </table>
 
-<strong>Reference</strong>
+<b>Reference</b>
 
 >**Note:**  These settings are enforced when turning on BitLocker, not when unlocking a drive. BitLocker allows unlocking a drive by using any of the protectors that are available on the drive.
 
@@ -635,41 +635,41 @@ This policy setting is used to require, allow, or deny the use of passwords with
 </colgroup>
 <tbody>
 <tr class="odd">
-<td align="left"><p><strong>Policy description</strong></p></td>
+<td align="left"><p><b>Policy description</b></p></td>
 <td align="left"><p>With this policy setting, you can specify whether a password is required to unlock BitLocker-protected fixed data drives.</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Introduced</strong></p></td>
+<td align="left"><p><b>Introduced</b></p></td>
 <td align="left"><p>Windows Server 2008 R2 and Windows 7</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Drive type</strong></p></td>
+<td align="left"><p><b>Drive type</b></p></td>
 <td align="left"><p>Fixed data drives</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Policy path</strong></p></td>
+<td align="left"><p><b>Policy path</b></p></td>
 <td align="left"><p>Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Fixed Data Drives</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Conflicts</strong></p></td>
-<td align="left"><p>To use password complexity, the <strong>Computer Configuration\Windows Settings\Security Settings\Account Policies\Password Policy\Password must meet complexity requirements</strong> policy setting must also be enabled.</p></td>
+<td align="left"><p><b>Conflicts</b></p></td>
+<td align="left"><p>To use password complexity, the <b>Computer Configuration\Windows Settings\Security Settings\Account Policies\Password Policy\Password must meet complexity requirements</b> policy setting must also be enabled.</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>When enabled</strong></p></td>
-<td align="left"><p>Users can configure a password that meets the requirements you define. To require the use of a password, select <strong>Require password for fixed data drive</strong>. To enforce complexity requirements on the password, select <strong>Require complexity</strong>.</p></td>
+<td align="left"><p><b>When enabled</b></p></td>
+<td align="left"><p>Users can configure a password that meets the requirements you define. To require the use of a password, select <b>Require password for fixed data drive</b>. To enforce complexity requirements on the password, select <b>Require complexity</b>.</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>When disabled</strong></p></td>
+<td align="left"><p><b>When disabled</b></p></td>
 <td align="left"><p>The user is not allowed to use a password.</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>When not configured</strong></p></td>
+<td align="left"><p><b>When not configured</b></p></td>
 <td align="left"><p>Passwords are supported with the default settings, which do not include password complexity requirements and require only 8 characters.</p></td>
 </tr>
 </tbody>
 </table>
 
-<strong>Reference</strong>
+<b>Reference</b>
 
 When set to **Require complexity**, a connection to a domain controller is necessary to validate the complexity of the password when BitLocker is enabled.
 
@@ -699,41 +699,41 @@ This policy setting is used to require, allow, or deny the use of smart cards wi
 </colgroup>
 <tbody>
 <tr class="odd">
-<td align="left"><p><strong>Policy description</strong></p></td>
+<td align="left"><p><b>Policy description</b></p></td>
 <td align="left"><p>With this policy setting, you can specify whether smart cards can be used to authenticate user access to BitLocker-protected removable data drives on a computer.</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Introduced</strong></p></td>
+<td align="left"><p><b>Introduced</b></p></td>
 <td align="left"><p>Windows Server 2008 R2 and Windows 7</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Drive type</strong></p></td>
+<td align="left"><p><b>Drive type</b></p></td>
 <td align="left"><p>Removable data drives</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Policy path</strong></p></td>
+<td align="left"><p><b>Policy path</b></p></td>
 <td align="left"><p>Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Removable Data Drives</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Conflicts</strong></p></td>
-<td align="left"><p>To use smart cards with BitLocker, you may also need to modify the object identifier setting in the <strong>Computer Configuration\Administrative Templates\BitLocker Drive Encryption\Validate smart card certificate usage rule compliance</strong> policy setting to match the object identifier of your smart card certificates.</p></td>
+<td align="left"><p><b>Conflicts</b></p></td>
+<td align="left"><p>To use smart cards with BitLocker, you may also need to modify the object identifier setting in the <b>Computer Configuration\Administrative Templates\BitLocker Drive Encryption\Validate smart card certificate usage rule compliance</b> policy setting to match the object identifier of your smart card certificates.</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>When enabled</strong></p></td>
-<td align="left"><p>Smart cards can be used to authenticate user access to the drive. You can require smart card authentication by selecting the <strong>Require use of smart cards on removable data drives</strong> check box.</p></td>
+<td align="left"><p><b>When enabled</b></p></td>
+<td align="left"><p>Smart cards can be used to authenticate user access to the drive. You can require smart card authentication by selecting the <b>Require use of smart cards on removable data drives</b> check box.</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>When disabled or not configured</strong></p></td>
+<td align="left"><p><b>When disabled or not configured</b></p></td>
 <td align="left"><p>Users are not allowed to use smart cards to authenticate their access to BitLocker-protected removable data drives.</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>When not configured</strong></p></td>
+<td align="left"><p><b>When not configured</b></p></td>
 <td align="left"><p>Smart cards are available to authenticate user access to a BitLocker-protected removable data drive.</p></td>
 </tr>
 </tbody>
 </table>
 
-<strong>Reference</strong>
+<b>Reference</b>
 
 >**Note:**  These settings are enforced when turning on BitLocker, not when unlocking a drive. BitLocker allows unlocking a drive with any of the protectors that are available on the drive.
 
@@ -748,41 +748,41 @@ This policy setting is used to require, allow, or deny the use of passwords with
 </colgroup>
 <tbody>
 <tr class="odd">
-<td align="left"><p><strong>Policy description</strong></p></td>
+<td align="left"><p><b>Policy description</b></p></td>
 <td align="left"><p>With this policy setting, you can specify whether a password is required to unlock BitLocker-protected removable data drives.</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Introduced</strong></p></td>
+<td align="left"><p><b>Introduced</b></p></td>
 <td align="left"><p>Windows Server 2008 R2 and Windows 7</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Drive type</strong></p></td>
+<td align="left"><p><b>Drive type</b></p></td>
 <td align="left"><p>Removable data drives</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Policy path</strong></p></td>
+<td align="left"><p><b>Policy path</b></p></td>
 <td align="left"><p>Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Removable Data Drives</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Conflicts</strong></p></td>
-<td align="left"><p>To use password complexity, the <strong>Password must meet complexity requirements</strong> policy setting, which is located at <strong>Computer Configuration\Windows Settings\Security Settings\Account Policies\Password Policy</strong> must also be enabled.</p></td>
+<td align="left"><p><b>Conflicts</b></p></td>
+<td align="left"><p>To use password complexity, the <b>Password must meet complexity requirements</b> policy setting, which is located at <b>Computer Configuration\Windows Settings\Security Settings\Account Policies\Password Policy</b> must also be enabled.</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>When enabled</strong></p></td>
-<td align="left"><p>Users can configure a password that meets the requirements you define. To require the use of a password, select <strong>Require password for removable data drive</strong>. To enforce complexity requirements on the password, select <strong>Require complexity</strong>.</p></td>
+<td align="left"><p><b>When enabled</b></p></td>
+<td align="left"><p>Users can configure a password that meets the requirements you define. To require the use of a password, select <b>Require password for removable data drive</b>. To enforce complexity requirements on the password, select <b>Require complexity</b>.</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>When disabled</strong></p></td>
+<td align="left"><p><b>When disabled</b></p></td>
 <td align="left"><p>The user is not allowed to use a password.</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>When not configured</strong></p></td>
+<td align="left"><p><b>When not configured</b></p></td>
 <td align="left"><p>Passwords are supported with the default settings, which do not include password complexity requirements and require only 8 characters.</p></td>
 </tr>
 </tbody>
 </table>
 
-<strong>Reference</strong>
+<b>Reference</b>
 
 If you choose to allow the use of a password, you can require a password to be used, enforce complexity requirements, and configure a minimum length. For the complexity requirement setting to be effective, the Group Policy setting **Password must meet complexity requirements**, which is located at
 **Computer Configuration\\Windows Settings\\Security Settings\\Account Policies\\Password Policy** must also be enabled.
@@ -812,37 +812,37 @@ This policy setting is used to determine what certificate to use with BitLocker.
 </colgroup>
 <tbody>
 <tr class="odd">
-<td align="left"><p><strong>Policy description</strong></p></td>
+<td align="left"><p><b>Policy description</b></p></td>
 <td align="left"><p>With this policy setting, you can associate an object identifier from a smart card certificate to a BitLocker-protected drive.</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Introduced</strong></p></td>
+<td align="left"><p><b>Introduced</b></p></td>
 <td align="left"><p>Windows Server 2008 R2 and Windows 7</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Drive type</strong></p></td>
+<td align="left"><p><b>Drive type</b></p></td>
 <td align="left"><p>Fixed and removable data drives</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Policy path</strong></p></td>
+<td align="left"><p><b>Policy path</b></p></td>
 <td align="left"><p>Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Conflicts</strong></p></td>
+<td align="left"><p><b>Conflicts</b></p></td>
 <td align="left"><p>None</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>When enabled</strong></p></td>
-<td align="left"><p>The object identifier that is specified in the <strong>Object identifier</strong> setting must match the object identifier in the smart card certificate.</p></td>
+<td align="left"><p><b>When enabled</b></p></td>
+<td align="left"><p>The object identifier that is specified in the <b>Object identifier</b> setting must match the object identifier in the smart card certificate.</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>When disabled or not configured</strong></p></td>
+<td align="left"><p><b>When disabled or not configured</b></p></td>
 <td align="left"><p>The default object identifier is used.</p></td>
 </tr>
 </tbody>
 </table>
 
-<strong>Reference</strong>
+<b>Reference</b>
 
 This policy setting is applied when you turn on BitLocker.
 
@@ -863,37 +863,37 @@ This policy setting allows users to enable authentication options that require u
 </colgroup>
 <tbody>
 <tr class="odd">
-<td align="left"><p><strong>Policy description</strong></p></td>
+<td align="left"><p><b>Policy description</b></p></td>
 <td align="left"><p>With this policy setting, you can allow users to enable authentication options that require user input from the preboot environment, even if the platform indicates a lack of preboot input capability.</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Introduced</strong></p></td>
+<td align="left"><p><b>Introduced</b></p></td>
 <td align="left"><p>Windows Server 2012 and Windows 8</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Drive type</strong></p></td>
+<td align="left"><p><b>Drive type</b></p></td>
 <td align="left"><p>Operating system drive</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Policy path</strong></p></td>
+<td align="left"><p><b>Policy path</b></p></td>
 <td align="left"><p>Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Operating System Drive</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Conflicts</strong></p></td>
+<td align="left"><p><b>Conflicts</b></p></td>
 <td align="left"><p>None</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>When enabled</strong></p></td>
+<td align="left"><p><b>When enabled</b></p></td>
 <td align="left"><p>Devices must have an alternative means of preboot input (such as an attached USB keyboard).</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>When disabled or not configured</strong></p></td>
+<td align="left"><p><b>When disabled or not configured</b></p></td>
 <td align="left"><p>The Windows Recovery Environment must be enabled on tablets to support entering the BitLocker recovery password.</p></td>
 </tr>
 </tbody>
 </table>
 
-<strong>Reference</strong>
+<b>Reference</b>
 
 The Windows touch keyboard (such as used by tablets) is not available in the preboot environment where BitLocker requires additional information, such as a PIN or password.
 
@@ -918,37 +918,37 @@ This policy setting is used to require encryption of fixed drives prior to grant
 </colgroup>
 <tbody>
 <tr class="odd">
-<td align="left"><p><strong>Policy description</strong></p></td>
+<td align="left"><p><b>Policy description</b></p></td>
 <td align="left"><p>With this policy setting, you can set whether BitLocker protection is required for fixed data drives to be writable on a computer.</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Introduced</strong></p></td>
+<td align="left"><p><b>Introduced</b></p></td>
 <td align="left"><p>Windows Server 2008 R2 and Windows 7</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Drive type</strong></p></td>
+<td align="left"><p><b>Drive type</b></p></td>
 <td align="left"><p>Fixed data drives</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Policy path</strong></p></td>
+<td align="left"><p><b>Policy path</b></p></td>
 <td align="left"><p>Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Fixed Data Drives</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Conflicts</strong></p></td>
+<td align="left"><p><b>Conflicts</b></p></td>
 <td align="left"><p>See the Reference section for a description of conflicts.</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>When enabled</strong></p></td>
+<td align="left"><p><b>When enabled</b></p></td>
 <td align="left"><p>All fixed data drives that are not BitLocker-protected are mounted as Read-only. If the drive is protected by BitLocker, it is mounted with Read and Write access.</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>When disabled or not configured</strong></p></td>
+<td align="left"><p><b>When disabled or not configured</b></p></td>
 <td align="left"><p>All fixed data drives on the computer are mounted with Read and Write access.</p></td>
 </tr>
 </tbody>
 </table>
 
-<strong>Reference</strong>
+<b>Reference</b>
 
 This policy setting is applied when you turn on BitLocker.
 
@@ -973,37 +973,37 @@ This policy setting is used to require that removable drives are encrypted prior
 </colgroup>
 <tbody>
 <tr class="odd">
-<td align="left"><p><strong>Policy description</strong></p></td>
+<td align="left"><p><b>Policy description</b></p></td>
 <td align="left"><p>With this policy setting, you can configure whether BitLocker protection is required for a computer to be able to write data to a removable data drive.</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Introduced</strong></p></td>
+<td align="left"><p><b>Introduced</b></p></td>
 <td align="left"><p>Windows Server 2008 R2 and Windows 7</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Drive type</strong></p></td>
+<td align="left"><p><b>Drive type</b></p></td>
 <td align="left"><p>Removable data drives</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Policy path</strong></p></td>
+<td align="left"><p><b>Policy path</b></p></td>
 <td align="left"><p>Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Removable Data Drives</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Conflicts</strong></p></td>
+<td align="left"><p><b>Conflicts</b></p></td>
 <td align="left"><p>See the Reference section for a description of conflicts.</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>When enabled</strong></p></td>
+<td align="left"><p><b>When enabled</b></p></td>
 <td align="left"><p>All removable data drives that are not BitLocker-protected are mounted as Read-only. If the drive is protected by BitLocker, it is mounted with Read and Write access.</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>When disabled or not configured</strong></p></td>
+<td align="left"><p><b>When disabled or not configured</b></p></td>
 <td align="left"><p>All removable data drives on the computer are mounted with Read and Write access.</p></td>
 </tr>
 </tbody>
 </table>
 
-<strong>Reference</strong>
+<b>Reference</b>
 
 If the **Deny write access to devices configured in another organization** option is selected, only drives with identification fields that match the computer's identification fields are given Write access. When a removable data drive is accessed, it is checked for a valid identification field and allowed identification fields. These fields are defined by the **Provide the unique identifiers for your organization** policy setting.
 
@@ -1026,41 +1026,41 @@ This policy setting is used to prevent users from turning BitLocker on or off on
 </colgroup>
 <tbody>
 <tr class="odd">
-<td align="left"><p><strong>Policy description</strong></p></td>
+<td align="left"><p><b>Policy description</b></p></td>
 <td align="left"><p>With this policy setting, you can control the use of BitLocker on removable data drives.</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Introduced</strong></p></td>
+<td align="left"><p><b>Introduced</b></p></td>
 <td align="left"><p>Windows Server 2008 R2 and Windows 7</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Drive type</strong></p></td>
+<td align="left"><p><b>Drive type</b></p></td>
 <td align="left"><p>Removable data drives</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Policy path</strong></p></td>
+<td align="left"><p><b>Policy path</b></p></td>
 <td align="left"><p>Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Removable Data Drives</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Conflicts</strong></p></td>
+<td align="left"><p><b>Conflicts</b></p></td>
 <td align="left"><p>None</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>When enabled</strong></p></td>
+<td align="left"><p><b>When enabled</b></p></td>
 <td align="left"><p>You can select property settings that control how users can configure BitLocker.</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>When disabled</strong></p></td>
+<td align="left"><p><b>When disabled</b></p></td>
 <td align="left"><p>Users cannot use BitLocker on removable data drives.</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>When not configured</strong></p></td>
+<td align="left"><p><b>When not configured</b></p></td>
 <td align="left"><p>Users can use BitLocker on removable data drives.</p></td>
 </tr>
 </tbody>
 </table>
 
-<strong>Reference</strong>
+<b>Reference</b>
 
 This policy setting is applied when you turn on BitLocker.
 
@@ -1082,37 +1082,37 @@ This policy setting is used to control the encryption method and cipher strength
 </colgroup>
 <tbody>
 <tr class="odd">
-<td align="left"><p><strong>Policy description</strong></p></td>
+<td align="left"><p><b>Policy description</b></p></td>
 <td align="left"><p>With this policy setting, you can control the encryption method and strength for drives.</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Introduced</strong></p></td>
+<td align="left"><p><b>Introduced</b></p></td>
 <td align="left"><p>Windows Server 2012 and Windows 8</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Drive type</strong></p></td>
+<td align="left"><p><b>Drive type</b></p></td>
 <td align="left"><p>All drives</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Policy path</strong></p></td>
+<td align="left"><p><b>Policy path</b></p></td>
 <td align="left"><p>Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Conflicts</strong></p></td>
+<td align="left"><p><b>Conflicts</b></p></td>
 <td align="left"><p>None</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>When enabled</strong></p></td>
+<td align="left"><p><b>When enabled</b></p></td>
 <td align="left"><p>You can choose an encryption algorithm and key cipher strength for BitLocker to use to encrypt drives.</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>When disabled or not configured</strong></p></td>
+<td align="left"><p><b>When disabled or not configured</b></p></td>
 <td align="left"><p>Beginning with Windows 10, version 1511, BitLocker uses the default encryption method of XTS-AES 128-bit or the encryption method that is specified by the setup script. Windows Phone does not support XTS; it uses AES-CBC 128-bit by default and supports AES-CBC 256-bit by policy.</p></td>
 </tr>
 </tbody>
 </table>
 
-<strong>Reference</strong>
+<b>Reference</b>
 
 The values of this policy determine the strength of the cipher that BitLocker uses for encryption.
 Enterprises may want to control the encryption level for increased security (AES-256 is stronger than AES-128).
@@ -1138,42 +1138,42 @@ This policy controls how BitLocker reacts to systems that are equipped with encr
 </colgroup>
 <tbody>
 <tr class="odd">
-<td align="left"><p><strong>Policy description</strong></p></td>
+<td align="left"><p><b>Policy description</b></p></td>
 <td align="left"><p>With this policy setting, you can manage BitLocker’s use of hardware-based encryption on fixed data drives and to specify which encryption algorithms BitLocker can use with hardware-based encryption.</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Introduced</strong></p></td>
+<td align="left"><p><b>Introduced</b></p></td>
 <td align="left"><p>Windows Server 2012 and Windows 8</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Drive type</strong></p></td>
+<td align="left"><p><b>Drive type</b></p></td>
 <td align="left"><p>Fixed data drives</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Policy path</strong></p></td>
+<td align="left"><p><b>Policy path</b></p></td>
 <td align="left"><p>Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Fixed Data Drives</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Conflicts</strong></p></td>
+<td align="left"><p><b>Conflicts</b></p></td>
 <td align="left"><p>None</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>When enabled</strong></p></td>
+<td align="left"><p><b>When enabled</b></p></td>
 <td align="left"><p>You can specify additional options that control whether BitLocker software-based encryption is used instead of hardware-based encryption on computers that do not support hardware-based encryption. You can also specify whether you want to restrict the encryption algorithms and cipher suites that are used with hardware-based encryption.</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>When disabled</strong></p></td>
+<td align="left"><p><b>When disabled</b></p></td>
 <td align="left"><p>BitLocker cannot use hardware-based encryption with fixed data drives, and BitLocker software-based encryption is used by default when the drive in encrypted.</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>When not configured</strong></p></td>
+<td align="left"><p><b>When not configured</b></p></td>
 <td align="left"><p>BitLocker software-based encryption is used irrespective of hardware-based encryption ability. 
 </p></td>
 </tr>
 </tbody>
 </table>
 
-<strong>Reference</strong>
+<b>Reference</b>
 
 >**Note:**  The **Choose drive encryption method and cipher strength** policy setting does not apply to hardware-based encryption.
 
@@ -1193,41 +1193,41 @@ This policy controls how BitLocker reacts when encrypted drives are used as oper
 </colgroup>
 <tbody>
 <tr class="odd">
-<td align="left"><p><strong>Policy description</strong></p></td>
+<td align="left"><p><b>Policy description</b></p></td>
 <td align="left"><p>With this policy setting, you can manage BitLocker’s use of hardware-based encryption on operating system drives and specify which encryption algorithms it can use with hardware-based encryption.</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Introduced</strong></p></td>
+<td align="left"><p><b>Introduced</b></p></td>
 <td align="left"><p>Windows Server 2012 and Windows 8</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Drive type</strong></p></td>
+<td align="left"><p><b>Drive type</b></p></td>
 <td align="left"><p>Operating system drives</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Policy path</strong></p></td>
+<td align="left"><p><b>Policy path</b></p></td>
 <td align="left"><p>Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Operating System Drives</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Conflicts</strong></p></td>
+<td align="left"><p><b>Conflicts</b></p></td>
 <td align="left"><p>None</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>When enabled</strong></p></td>
+<td align="left"><p><b>When enabled</b></p></td>
 <td align="left"><p>You can specify additional options that control whether BitLocker software-based encryption is used instead of hardware-based encryption on computers that do not support hardware-based encryption. You can also specify whether you want to restrict the encryption algorithms and cipher suites that are used with hardware-based encryption.</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>When disabled</strong></p></td>
+<td align="left"><p><b>When disabled</b></p></td>
 <td align="left"><p>BitLocker cannot use hardware-based encryption with operating system drives, and BitLocker software-based encryption is used by default when the drive in encrypted.</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>When not configured</strong></p></td>
+<td align="left"><p><b>When not configured</b></p></td>
 <td align="left"><p>BitLocker software-based encryption is used irrespective of hardware-based encryption ability. </p></td>
 </tr>
 </tbody>
 </table>
 
-<strong>Reference</strong>
+<b>Reference</b>
 
 If hardware-based encryption is not available, BitLocker software-based encryption is used instead.
 
@@ -1249,41 +1249,41 @@ This policy controls how BitLocker reacts to encrypted drives when they are used
 </colgroup>
 <tbody>
 <tr class="odd">
-<td align="left"><p><strong>Policy description</strong></p></td>
+<td align="left"><p><b>Policy description</b></p></td>
 <td align="left"><p>With this policy setting, you can manage BitLocker’s use of hardware-based encryption on removable data drives and specify which encryption algorithms it can use with hardware-based encryption.</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Introduced</strong></p></td>
+<td align="left"><p><b>Introduced</b></p></td>
 <td align="left"><p>Windows Server 2012 and Windows 8</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Drive type</strong></p></td>
+<td align="left"><p><b>Drive type</b></p></td>
 <td align="left"><p>Removable data drive</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Policy path</strong></p></td>
+<td align="left"><p><b>Policy path</b></p></td>
 <td align="left"><p>Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Removable Data Drives</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Conflicts</strong></p></td>
+<td align="left"><p><b>Conflicts</b></p></td>
 <td align="left"><p>None</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>When enabled</strong></p></td>
+<td align="left"><p><b>When enabled</b></p></td>
 <td align="left"><p>You can specify additional options that control whether BitLocker software-based encryption is used instead of hardware-based encryption on computers that do not support hardware-based encryption. You can also specify whether you want to restrict the encryption algorithms and cipher suites that are used with hardware-based encryption.</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>When disabled</strong></p></td>
+<td align="left"><p><b>When disabled</b></p></td>
 <td align="left"><p>BitLocker cannot use hardware-based encryption with removable data drives, and BitLocker software-based encryption is used by default when the drive in encrypted.</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>When not configured</strong></p></td>
+<td align="left"><p><b>When not configured</b></p></td>
 <td align="left"><p>BitLocker software-based encryption is used irrespective of hardware-based encryption ability. </p></td>
 </tr>
 </tbody>
 </table>
 
-<strong>Reference</strong>
+<b>Reference</b>
 
 If hardware-based encryption is not available, BitLocker software-based encryption is used instead.
 
@@ -1305,37 +1305,37 @@ This policy controls whether fixed data drives utilize Used Space Only encryptio
 </colgroup>
 <tbody>
 <tr class="odd">
-<td align="left"><p><strong>Policy description</strong></p></td>
+<td align="left"><p><b>Policy description</b></p></td>
 <td align="left"><p>With this policy setting, you can configure the encryption type that is used by BitLocker.</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Introduced</strong></p></td>
+<td align="left"><p><b>Introduced</b></p></td>
 <td align="left"><p>Windows Server 2012 and Windows 8</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Drive type</strong></p></td>
+<td align="left"><p><b>Drive type</b></p></td>
 <td align="left"><p>Fixed data drive</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Policy path</strong></p></td>
+<td align="left"><p><b>Policy path</b></p></td>
 <td align="left"><p>Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Fixed Data Drives</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Conflicts</strong></p></td>
+<td align="left"><p><b>Conflicts</b></p></td>
 <td align="left"><p>None</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>When enabled</strong></p></td>
+<td align="left"><p><b>When enabled</b></p></td>
 <td align="left"><p>This policy defines the encryption type that BitLocker uses to encrypt drives, and the encryption type option is not presented in the BitLocker Setup Wizard.</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>When disabled or not configured</strong></p></td>
+<td align="left"><p><b>When disabled or not configured</b></p></td>
 <td align="left"><p>The BitLocker Setup Wizard asks the user to select the encryption type before turning on BitLocker.</p></td>
 </tr>
 </tbody>
 </table>
 
-<strong>Reference</strong>
+<b>Reference</b>
 
 This policy setting is applied when you turn on BitLocker. Changing the encryption type has no effect if the drive is already encrypted or if encryption is in progress. Choose Full encryption to require that the entire drive be encrypted when BitLocker is turned on. Choose Used Space Only encryption to require that only the portion of the drive that is used to store data is encrypted when BitLocker is turned on.
 
@@ -1354,37 +1354,37 @@ This policy controls whether operating system drives utilize Full encryption or
 </colgroup>
 <tbody>
 <tr class="odd">
-<td align="left"><p><strong>Policy description</strong></p></td>
+<td align="left"><p><b>Policy description</b></p></td>
 <td align="left"><p>With this policy setting, you can configure the encryption type that is used by BitLocker.</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Introduced</strong></p></td>
+<td align="left"><p><b>Introduced</b></p></td>
 <td align="left"><p>Windows Server 2012 and Windows 8</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Drive type</strong></p></td>
+<td align="left"><p><b>Drive type</b></p></td>
 <td align="left"><p>Operating system drive</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Policy path</strong></p></td>
+<td align="left"><p><b>Policy path</b></p></td>
 <td align="left"><p>Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Operating System Drives</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Conflicts</strong></p></td>
+<td align="left"><p><b>Conflicts</b></p></td>
 <td align="left"><p>None</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>When enabled</strong></p></td>
+<td align="left"><p><b>When enabled</b></p></td>
 <td align="left"><p>The encryption type that BitLocker uses to encrypt drives is defined by this policy, and the encryption type option is not presented in the BitLocker Setup Wizard.</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>When disabled or not configured</strong></p></td>
+<td align="left"><p><b>When disabled or not configured</b></p></td>
 <td align="left"><p>The BitLocker Setup Wizard asks the user to select the encryption type before turning on BitLocker.</p></td>
 </tr>
 </tbody>
 </table>
 
-<strong>Reference</strong>
+<b>Reference</b>
 
 This policy setting is applied when you turn on BitLocker. Changing the encryption type has no effect if the drive is already encrypted or if encryption is in progress. Choose Full encryption to require that the entire drive be encrypted when BitLocker is turned on. Choose Used Space Only encryption to require that only the portion of the drive that is used to store data is encrypted when BitLocker is turned on.
 
@@ -1403,37 +1403,37 @@ This policy controls whether fixed data drives utilize Full encryption or Used S
 </colgroup>
 <tbody>
 <tr class="odd">
-<td align="left"><p><strong>Policy description</strong></p></td>
+<td align="left"><p><b>Policy description</b></p></td>
 <td align="left"><p>With this policy setting, you can configure the encryption type that is used by BitLocker.</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Introduced</strong></p></td>
+<td align="left"><p><b>Introduced</b></p></td>
 <td align="left"><p>Windows Server 2012 and Windows 8</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Drive type</strong></p></td>
+<td align="left"><p><b>Drive type</b></p></td>
 <td align="left"><p>Removable data drive</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Policy path</strong></p></td>
+<td align="left"><p><b>Policy path</b></p></td>
 <td align="left"><p>Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Removable Data Drives</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Conflicts</strong></p></td>
+<td align="left"><p><b>Conflicts</b></p></td>
 <td align="left"><p>None</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>When enabled</strong></p></td>
+<td align="left"><p><b>When enabled</b></p></td>
 <td align="left"><p>The encryption type that BitLocker uses to encrypt drives is defined by this policy, and the encryption type option is not presented in the BitLocker Setup Wizard.</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>When disabled or not configured</strong></p></td>
+<td align="left"><p><b>When disabled or not configured</b></p></td>
 <td align="left"><p>The BitLocker Setup Wizard asks the user to select the encryption type before turning on BitLocker.</p></td>
 </tr>
 </tbody>
 </table>
 
-<strong>Reference</strong>
+<b>Reference</b>
 
 This policy setting is applied when you turn on BitLocker. Changing the encryption type has no effect if the drive is already encrypted or if encryption is in progress. Choose Full encryption to require that the entire drive be encrypted when BitLocker is turned on. Choose Used Space Only encryption to require that only the portion of the drive that is used to store data is encrypted when BitLocker is turned on.
 
@@ -1452,38 +1452,38 @@ This policy setting is used to configure recovery methods for operating system d
 </colgroup>
 <tbody>
 <tr class="odd">
-<td align="left"><p><strong>Policy description</strong></p></td>
+<td align="left"><p><b>Policy description</b></p></td>
 <td align="left"><p>With this policy setting, you can control how BitLocker-protected operating system drives are recovered in the absence of the required startup key information.</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Introduced</strong></p></td>
+<td align="left"><p><b>Introduced</b></p></td>
 <td align="left"><p>Windows Server 2008 R2 and Windows 7</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Drive type</strong></p></td>
+<td align="left"><p><b>Drive type</b></p></td>
 <td align="left"><p>Operating system drives</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Policy path</strong></p></td>
+<td align="left"><p><b>Policy path</b></p></td>
 <td align="left"><p>Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Operating System Drives</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Conflicts</strong></p></td>
-<td align="left"><p>You must disallow the use of recovery keys if the <strong>Deny write access to removable drives not protected by BitLocker</strong> policy setting is enabled.</p>
-<p>When using data recovery agents, you must enable the <strong>Provide the unique identifiers for your organization</strong> policy setting.</p></td>
+<td align="left"><p><b>Conflicts</b></p></td>
+<td align="left"><p>You must disallow the use of recovery keys if the <b>Deny write access to removable drives not protected by BitLocker</b> policy setting is enabled.</p>
+<p>When using data recovery agents, you must enable the <b>Provide the unique identifiers for your organization</b> policy setting.</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>When enabled</strong></p></td>
+<td align="left"><p><b>When enabled</b></p></td>
 <td align="left"><p>You can control the methods that are available to users to recover data from BitLocker-protected operating system drives.</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>When disabled or not configured</strong></p></td>
+<td align="left"><p><b>When disabled or not configured</b></p></td>
 <td align="left"><p>The default recovery options are supported for BitLocker recovery. By default, a data recovery agent is allowed, the recovery options can be specified by the user (including the recovery password and recovery key), and recovery information is not backed up to AD DS.</p></td>
 </tr>
 </tbody>
 </table>
 
-<strong>Reference</strong>
+<b>Reference</b>
 
 This policy setting is applied when you turn on BitLocker.
 
@@ -1513,37 +1513,37 @@ This policy setting is used to configure recovery methods for BitLocker-protecte
 </colgroup>
 <tbody>
 <tr class="odd">
-<td align="left"><p><strong>Policy description</strong></p></td>
+<td align="left"><p><b>Policy description</b></p></td>
 <td align="left"><p>With this policy setting, you can control whether the BitLocker Setup Wizard can display and specify BitLocker recovery options.</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Introduced</strong></p></td>
+<td align="left"><p><b>Introduced</b></p></td>
 <td align="left"><p>Windows Server 2008 and Windows Vista</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Drive type</strong></p></td>
+<td align="left"><p><b>Drive type</b></p></td>
 <td align="left"><p>Operating system drives and fixed data drives on computers running Windows Server 2008 and Windows Vista</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Policy path</strong></p></td>
+<td align="left"><p><b>Policy path</b></p></td>
 <td align="left"><p>Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Conflicts</strong></p></td>
-<td align="left"><p>This policy setting provides an administrative method of recovering data that is encrypted by BitLocker to prevent data loss due to lack of key information. If you choose the <strong>Do not allow</strong> option for both user recovery options, you must enable the <strong>Store BitLocker recovery information in Active Directory Domain Services (Windows Server 2008 and Windows Vista)</strong> policy setting to prevent a policy error.</p></td>
+<td align="left"><p><b>Conflicts</b></p></td>
+<td align="left"><p>This policy setting provides an administrative method of recovering data that is encrypted by BitLocker to prevent data loss due to lack of key information. If you choose the <b>Do not allow</b> option for both user recovery options, you must enable the <b>Store BitLocker recovery information in Active Directory Domain Services (Windows Server 2008 and Windows Vista)</b> policy setting to prevent a policy error.</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>When enabled</strong></p></td>
+<td align="left"><p><b>When enabled</b></p></td>
 <td align="left"><p>You can configure the options that the Bitlocker Setup Wizard displays to users for recovering BitLocker encrypted data.</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>When disabled or not configured</strong></p></td>
+<td align="left"><p><b>When disabled or not configured</b></p></td>
 <td align="left"><p>The BitLocker Setup Wizard presents users with ways to store recovery options.</p></td>
 </tr>
 </tbody>
 </table>
 
-<strong>Reference</strong>
+<b>Reference</b>
 
 This policy is only applicable to computers running Windows Server 2008 or Windows Vista. This policy setting is applied when you turn on BitLocker.
 
@@ -1567,37 +1567,37 @@ This policy setting is used to configure the storage of BitLocker recovery infor
 </colgroup>
 <tbody>
 <tr class="odd">
-<td align="left"><p><strong>Policy description</strong></p></td>
+<td align="left"><p><b>Policy description</b></p></td>
 <td align="left"><p>With this policy setting, you can manage the AD DS backup of BitLocker Drive Encryption recovery information.</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Introduced</strong></p></td>
+<td align="left"><p><b>Introduced</b></p></td>
 <td align="left"><p>Windows Server 2008 and Windows Vista</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Drive type</strong></p></td>
+<td align="left"><p><b>Drive type</b></p></td>
 <td align="left"><p>Operating system drives and fixed data drives on computers running Windows Server 2008 and Windows Vista.</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Policy path</strong></p></td>
+<td align="left"><p><b>Policy path</b></p></td>
 <td align="left"><p>Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Conflicts</strong></p></td>
+<td align="left"><p><b>Conflicts</b></p></td>
 <td align="left"><p>None</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>When enabled</strong></p></td>
+<td align="left"><p><b>When enabled</b></p></td>
 <td align="left"><p>BitLocker recovery information is automatically and silently backed up to AD DS when BitLocker is turned on for a computer.</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>When disabled or not configured</strong></p></td>
+<td align="left"><p><b>When disabled or not configured</b></p></td>
 <td align="left"><p>BitLocker recovery information is not backed up to AD DS.</p></td>
 </tr>
 </tbody>
 </table>
 
-<strong>Reference</strong>
+<b>Reference</b>
 
 This policy is only applicable to computers running Windows Server 2008 or Windows Vista.
 
@@ -1625,37 +1625,37 @@ This policy setting is used to configure the default folder for recovery passwor
 </colgroup>
 <tbody>
 <tr class="odd">
-<td align="left"><p><strong>Policy description</strong></p></td>
+<td align="left"><p><b>Policy description</b></p></td>
 <td align="left"><p>With this policy setting, you can specify the default path that is displayed when the BitLocker Setup Wizard prompts the user to enter the location of a folder in which to save the recovery password.</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Introduced</strong></p></td>
+<td align="left"><p><b>Introduced</b></p></td>
 <td align="left"><p>Windows Vista</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Drive type</strong></p></td>
+<td align="left"><p><b>Drive type</b></p></td>
 <td align="left"><p>All drives</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Policy path</strong></p></td>
+<td align="left"><p><b>Policy path</b></p></td>
 <td align="left"><p>Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Conflicts</strong></p></td>
+<td align="left"><p><b>Conflicts</b></p></td>
 <td align="left"><p>None</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>When enabled</strong></p></td>
+<td align="left"><p><b>When enabled</b></p></td>
 <td align="left"><p>You can specify the path that will be used as the default folder location when the user chooses the option to save the recovery password in a folder. You can specify a fully qualified path or include the target computer&#39;s environment variables in the path. If the path is not valid, the BitLocker Setup Wizard displays the computer&#39;s top-level folder view.</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>When disabled or not configured</strong></p></td>
+<td align="left"><p><b>When disabled or not configured</b></p></td>
 <td align="left"><p>The BitLocker Setup Wizard displays the computer&#39;s top-level folder view when the user chooses the option to save the recovery password in a folder.</p></td>
 </tr>
 </tbody>
 </table>
 
-<strong>Reference</strong>
+<b>Reference</b>
 
 This policy setting is applied when you turn on BitLocker.
 
@@ -1672,38 +1672,38 @@ This policy setting is used to configure recovery methods for fixed data drives.
 </colgroup>
 <tbody>
 <tr class="odd">
-<td align="left"><p><strong>Policy description</strong></p></td>
+<td align="left"><p><b>Policy description</b></p></td>
 <td align="left"><p>With this policy setting, you can control how BitLocker-protected fixed data drives are recovered in the absence of the required credentials.</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Introduced</strong></p></td>
+<td align="left"><p><b>Introduced</b></p></td>
 <td align="left"><p>Windows Server 2008 R2 and Windows 7</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Drive type</strong></p></td>
+<td align="left"><p><b>Drive type</b></p></td>
 <td align="left"><p>Fixed data drives</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Policy path</strong></p></td>
+<td align="left"><p><b>Policy path</b></p></td>
 <td align="left"><p>Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Fixed Data Drives</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Conflicts</strong></p></td>
-<td align="left"><p>You must disallow the use of recovery keys if the <strong>Deny write access to removable drives not protected by BitLocker</strong> policy setting is enabled.</p>
-<p>When using data recovery agents, you must enable and configure the <strong>Provide the unique identifiers for your organization</strong> policy setting.</p></td>
+<td align="left"><p><b>Conflicts</b></p></td>
+<td align="left"><p>You must disallow the use of recovery keys if the <b>Deny write access to removable drives not protected by BitLocker</b> policy setting is enabled.</p>
+<p>When using data recovery agents, you must enable and configure the <b>Provide the unique identifiers for your organization</b> policy setting.</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>When enabled</strong></p></td>
+<td align="left"><p><b>When enabled</b></p></td>
 <td align="left"><p>You can control the methods that are available to users to recover data from BitLocker-protected fixed data drives.</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>When disabled or not configured</strong></p></td>
+<td align="left"><p><b>When disabled or not configured</b></p></td>
 <td align="left"><p>The default recovery options are supported for BitLocker recovery. By default, a data recovery agent is allowed, the recovery options can be specified by the user (including the recovery password and recovery key), and recovery information is not backed up to AD DS.</p></td>
 </tr>
 </tbody>
 </table>
 
-<strong>Reference</strong>
+<b>Reference</b>
 
 This policy setting is applied when you turn on BitLocker.
 
@@ -1733,38 +1733,38 @@ This policy setting is used to configure recovery methods for removable data dri
 </colgroup>
 <tbody>
 <tr class="odd">
-<td align="left"><p><strong>Policy description</strong></p></td>
+<td align="left"><p><b>Policy description</b></p></td>
 <td align="left"><p>With this policy setting, you can control how BitLocker-protected removable data drives are recovered in the absence of the required credentials.</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Introduced</strong></p></td>
+<td align="left"><p><b>Introduced</b></p></td>
 <td align="left"><p>Windows Server 2008 R2 and Windows 7</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Drive type</strong></p></td>
+<td align="left"><p><b>Drive type</b></p></td>
 <td align="left"><p>Removable data drives</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Policy path</strong></p></td>
+<td align="left"><p><b>Policy path</b></p></td>
 <td align="left"><p>Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Removable Data Drives</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Conflicts</strong></p></td>
-<td align="left"><p>You must disallow the use of recovery keys if the <strong>Deny write access to removable drives not protected by BitLocker</strong> policy setting is enabled.</p>
-<p>When using data recovery agents, you must enable and configure the <strong>Provide the unique identifiers for your organization</strong> policy setting.</p></td>
+<td align="left"><p><b>Conflicts</b></p></td>
+<td align="left"><p>You must disallow the use of recovery keys if the <b>Deny write access to removable drives not protected by BitLocker</b> policy setting is enabled.</p>
+<p>When using data recovery agents, you must enable and configure the <b>Provide the unique identifiers for your organization</b> policy setting.</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>When enabled</strong></p></td>
+<td align="left"><p><b>When enabled</b></p></td>
 <td align="left"><p>You can control the methods that are available to users to recover data from BitLocker-protected removable data drives.</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>When disabled or not configured</strong></p></td>
+<td align="left"><p><b>When disabled or not configured</b></p></td>
 <td align="left"><p>The default recovery options are supported for BitLocker recovery. By default, a data recovery agent is allowed, the recovery options can be specified by the user (including the recovery password and recovery key), and recovery information is not backed up to AD DS.</p></td>
 </tr>
 </tbody>
 </table>
 
-<strong>Reference</strong>
+<b>Reference</b>
 
 This policy setting is applied when you turn on BitLocker.
 
@@ -1791,37 +1791,37 @@ This policy setting is used to configure the entire recovery message and to repl
 </colgroup>
 <tbody>
 <tr class="odd">
-<td align="left"><p><strong>Policy description</strong></p></td>
+<td align="left"><p><b>Policy description</b></p></td>
 <td align="left"><p>With this policy setting, you can configure the BitLocker recovery screen to display a customized message and URL.</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Introduced</strong></p></td>
+<td align="left"><p><b>Introduced</b></p></td>
 <td align="left"><p>Windows 10</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Drive type</strong></p></td>
+<td align="left"><p><b>Drive type</b></p></td>
 <td align="left"><p>Operating system drives</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Policy path</strong></p></td>
+<td align="left"><p><b>Policy path</b></p></td>
 <td align="left"><p>Computer Configuration \ Administrative Templates \ Windows Components \ BitLocker Drive Encryption \ Operating System Drives \ Configure pre-boot recovery message and URL</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Conflicts</strong></p></td>
+<td align="left"><p><b>Conflicts</b></p></td>
 <td align="left"><p>None</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>When enabled</strong></p></td>
-<td align="left"><p>The customized message and URL are displayed on the pre-boot recovery screen. If you have previously enabled a custom recovery message and URL and want to revert to the default message and URL, you must keep the policy setting enabled and select the <strong>Use default recovery message and URL</strong> option.</p></td>
+<td align="left"><p><b>When enabled</b></p></td>
+<td align="left"><p>The customized message and URL are displayed on the pre-boot recovery screen. If you have previously enabled a custom recovery message and URL and want to revert to the default message and URL, you must keep the policy setting enabled and select the <b>Use default recovery message and URL</b> option.</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>When disabled or not configured</strong></p></td>
+<td align="left"><p><b>When disabled or not configured</b></p></td>
 <td align="left"><p>If the setting has not been previously enabled the default pre-boot recovery screen is displayed for BitLocker recovery. If the setting previously was enabled and is subsequently disabled the last message in Boot Configuration Data (BCD) is displayed whether it was the default recovery message or the custom message.</p></td>
 </tr>
 </tbody>
 </table>
 
-<strong>Reference</strong>
+<b>Reference</b>
 
 Enabling the **Configure the pre-boot recovery message and URL** policy setting allows you to customize the default recovery screen message and URL to assist customers in recovering their key.
 
@@ -1846,38 +1846,38 @@ This policy controls how BitLocker-enabled system volumes are handled in conjunc
 </colgroup>
 <tbody>
 <tr class="odd">
-<td align="left"><p><strong>Policy description</strong></p></td>
+<td align="left"><p><b>Policy description</b></p></td>
 <td align="left"><p>With this policy setting, you can configure whether Secure Boot will be allowed as the platform integrity provider for BitLocker operating system drives.</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Introduced</strong></p></td>
+<td align="left"><p><b>Introduced</b></p></td>
 <td align="left"><p>Windows Server 2012 and Windows 8</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Drive type</strong></p></td>
+<td align="left"><p><b>Drive type</b></p></td>
 <td align="left"><p>All drives</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Policy path</strong></p></td>
+<td align="left"><p><b>Policy path</b></p></td>
 <td align="left"><p>Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Operating System Drives</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Conflicts</strong></p></td>
-<td align="left"><p>If you enable <strong>Allow Secure Boot for integrity validation</strong>, make sure the <strong>Configure TPM platform validation profile for native UEFI firmware configurations</strong> Group Policy setting is not enabled or include PCR 7 to allow BitLocker to use Secure Boot for platform or BCD integrity validation.</p>
+<td align="left"><p><b>Conflicts</b></p></td>
+<td align="left"><p>If you enable <b>Allow Secure Boot for integrity validation</b>, make sure the <b>Configure TPM platform validation profile for native UEFI firmware configurations</b> Group Policy setting is not enabled or include PCR 7 to allow BitLocker to use Secure Boot for platform or BCD integrity validation.</p>
 <p>For more information about PCR 7, see <a href="#bkmk-pcr" data-raw-source="[Platform Configuration Register (PCR)](#bkmk-pcr)">Platform Configuration Register (PCR)</a> in this topic.</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>When enabled or not configured</strong></p></td>
+<td align="left"><p><b>When enabled or not configured</b></p></td>
 <td align="left"><p>BitLocker uses Secure Boot for platform integrity if the platform is capable of Secure Boot-based integrity validation.</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>When disabled</strong></p></td>
+<td align="left"><p><b>When disabled</b></p></td>
 <td align="left"><p>BitLocker uses legacy platform integrity validation, even on systems that are capable of Secure Boot-based integrity validation.</p></td>
 </tr>
 </tbody>
 </table>
 
-<strong>Reference</strong>
+<b>Reference</b>
 
 Secure Boot ensures that the computer's preboot environment loads only firmware that is digitally signed by authorized software publishers. Secure Boot also provides more flexibility for managing preboot configurations than BitLocker integrity checks prior to Windows Server 2012 and Windows 8.
 When this policy is enabled and the hardware is capable of using Secure Boot for BitLocker scenarios, the **Use enhanced Boot Configuration Data validation profile** Group Policy setting is ignored, and Secure Boot verifies BCD settings according to the Secure Boot policy setting, which is configured separately from BitLocker.
@@ -1895,37 +1895,37 @@ This policy setting is used to establish an identifier that is applied to all dr
 </colgroup>
 <tbody>
 <tr class="odd">
-<td align="left"><p><strong>Policy description</strong></p></td>
+<td align="left"><p><b>Policy description</b></p></td>
 <td align="left"><p>With this policy setting, you can associate unique organizational identifiers to a new drive that is enabled with BitLocker.</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Introduced</strong></p></td>
+<td align="left"><p><b>Introduced</b></p></td>
 <td align="left"><p>Windows Server 2008 R2 and Windows 7</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Drive type</strong></p></td>
+<td align="left"><p><b>Drive type</b></p></td>
 <td align="left"><p>All drives</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Policy path</strong></p></td>
+<td align="left"><p><b>Policy path</b></p></td>
 <td align="left"><p>Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Conflicts</strong></p></td>
+<td align="left"><p><b>Conflicts</b></p></td>
 <td align="left"><p>Identification fields are required to manage certificate-based data recovery agents on BitLocker-protected drives. BitLocker manages and updates certificate-based data recovery agents only when the identification field is present on a drive and it is identical to the value that is configured on the computer.</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>When enabled</strong></p></td>
+<td align="left"><p><b>When enabled</b></p></td>
 <td align="left"><p>You can configure the identification field on the BitLocker-protected drive and any allowed identification field that is used by your organization.</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>When disabled or not configured</strong></p></td>
+<td align="left"><p><b>When disabled or not configured</b></p></td>
 <td align="left"><p>The identification field is not required.</p></td>
 </tr>
 </tbody>
 </table>
 
-<strong>Reference</strong>
+<b>Reference</b>
 
 These identifiers are stored as the identification field and the allowed identification field. The identification field allows you to associate a unique organizational identifier to BitLocker-protected drives. This identifier is automatically added to new BitLocker-protected drives, and it can be updated on existing BitLocker-protected drives by using the [Manage-bde](https://technet.microsoft.com/library/ff829849.aspx) command-line tool.
 
@@ -1952,37 +1952,37 @@ This policy setting is used to control whether the computer's memory will be ove
 </colgroup>
 <tbody>
 <tr class="odd">
-<td align="left"><p><strong>Policy description</strong></p></td>
+<td align="left"><p><b>Policy description</b></p></td>
 <td align="left"><p>With this policy setting, you can control computer restart performance at the risk of exposing BitLocker secrets.</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Introduced</strong></p></td>
+<td align="left"><p><b>Introduced</b></p></td>
 <td align="left"><p>Windows Vista</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Drive type</strong></p></td>
+<td align="left"><p><b>Drive type</b></p></td>
 <td align="left"><p>All drives</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Policy path</strong></p></td>
+<td align="left"><p><b>Policy path</b></p></td>
 <td align="left"><p>Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Conflicts</strong></p></td>
+<td align="left"><p><b>Conflicts</b></p></td>
 <td align="left"><p>None</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>When enabled</strong></p></td>
+<td align="left"><p><b>When enabled</b></p></td>
 <td align="left"><p>The computer will not overwrite memory when it restarts. Preventing memory overwrite may improve restart performance, but it increases the risk of exposing BitLocker secrets.</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>When disabled or not configured</strong></p></td>
+<td align="left"><p><b>When disabled or not configured</b></p></td>
 <td align="left"><p>BitLocker secrets are removed from memory when the computer restarts.</p></td>
 </tr>
 </tbody>
 </table>
 
-<strong>Reference</strong>
+<b>Reference</b>
 
 This policy setting is applied when you turn on BitLocker. BitLocker secrets include key material that is used to encrypt data. This policy setting applies only when BitLocker protection is enabled.
 
@@ -1997,37 +1997,37 @@ This policy setting determines what values the TPM measures when it validates ea
 </colgroup>
 <tbody>
 <tr class="odd">
-<td align="left"><p><strong>Policy description</strong></p></td>
+<td align="left"><p><b>Policy description</b></p></td>
 <td align="left"><p>With this policy setting, you can configure how the computer&#39;s TPM security hardware secures the BitLocker encryption key.</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Introduced</strong></p></td>
+<td align="left"><p><b>Introduced</b></p></td>
 <td align="left"><p>Windows Server 2012 and Windows 8</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Drive type</strong></p></td>
+<td align="left"><p><b>Drive type</b></p></td>
 <td align="left"><p>Operating system drives</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Policy path</strong></p></td>
+<td align="left"><p><b>Policy path</b></p></td>
 <td align="left"><p>Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Operating System Drives</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Conflicts</strong></p></td>
+<td align="left"><p><b>Conflicts</b></p></td>
 <td align="left"><p>None</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>When enabled</strong></p></td>
+<td align="left"><p><b>When enabled</b></p></td>
 <td align="left"><p>You can configure the boot components that the TPM validates before unlocking access to the BitLocker-encrypted operating system drive. If any of these components change while BitLocker protection is in effect, the TPM does not release the encryption key to unlock the drive. Instead, the computer displays the BitLocker Recovery console and requires that the recovery password or the recovery key is provided to unlock the drive.</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>When disabled or not configured</strong></p></td>
+<td align="left"><p><b>When disabled or not configured</b></p></td>
 <td align="left"><p>The TPM uses the default platform validation profile or the platform validation profile that is specified by the setup script.</p></td>
 </tr>
 </tbody>
 </table>
 
-<strong>Reference</strong>
+<b>Reference</b>
 
 This policy setting does not apply if the computer does not have a compatible TPM or if BitLocker has already been turned on with TPM protection.
 
@@ -2072,37 +2072,37 @@ This policy setting determines what values the TPM measures when it validates ea
 </colgroup>
 <tbody>
 <tr class="odd">
-<td align="left"><p><strong>Policy description</strong></p></td>
+<td align="left"><p><b>Policy description</b></p></td>
 <td align="left"><p>With this policy setting, you can configure how the computer&#39;s TPM security hardware secures the BitLocker encryption key.</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Introduced</strong></p></td>
+<td align="left"><p><b>Introduced</b></p></td>
 <td align="left"><p>Windows Server 2008 and Windows Vista</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Drive type</strong></p></td>
+<td align="left"><p><b>Drive type</b></p></td>
 <td align="left"><p>Operating system drives</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Policy path</strong></p></td>
+<td align="left"><p><b>Policy path</b></p></td>
 <td align="left"><p>Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Operating System Drives</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Conflicts</strong></p></td>
+<td align="left"><p><b>Conflicts</b></p></td>
 <td align="left"><p>None</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>When enabled</strong></p></td>
+<td align="left"><p><b>When enabled</b></p></td>
 <td align="left"><p>You can configure the boot components that the TPM validates before unlocking access to the BitLocker-encrypted operating system drive. If any of these components change while BitLocker protection is in effect, the TPM does not release the encryption key to unlock the drive. Instead, the computer displays the BitLocker Recovery console and requires that the recovery password or the recovery key is provided to unlock the drive.</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>When disabled or not configured</strong></p></td>
+<td align="left"><p><b>When disabled or not configured</b></p></td>
 <td align="left"><p>The TPM uses the default platform validation profile or the platform validation profile that is specified by the setup script.</p></td>
 </tr>
 </tbody>
 </table>
 
-<strong>Reference</strong>
+<b>Reference</b>
 
 This policy setting does not apply if the computer does not have a compatible TPM or if BitLocker is already turned on with TPM protection.
 
@@ -2147,39 +2147,39 @@ This policy setting determines what values the TPM measures when it validates ea
 </colgroup>
 <tbody>
 <tr class="odd">
-<td align="left"><p><strong>Policy description</strong></p></td>
+<td align="left"><p><b>Policy description</b></p></td>
 <td align="left"><p>With this policy setting, you can configure how the computer&#39;s Trusted Platform Module (TPM) security hardware secures the BitLocker encryption key.</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Introduced</strong></p></td>
+<td align="left"><p><b>Introduced</b></p></td>
 <td align="left"><p>Windows Server 2012 and Windows 8</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Drive type</strong></p></td>
+<td align="left"><p><b>Drive type</b></p></td>
 <td align="left"><p>Operating system drives</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Policy path</strong></p></td>
+<td align="left"><p><b>Policy path</b></p></td>
 <td align="left"><p>Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Operating System Drives</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Conflicts</strong></p></td>
-<td align="left"><p>Setting this policy with PCR 7 omitted, overrides the <strong>Allow Secure Boot for integrity validation</strong> Group Policy setting, and it prevents BitLocker from using Secure Boot for platform or Boot Configuration Data (BCD) integrity validation.</p>
+<td align="left"><p><b>Conflicts</b></p></td>
+<td align="left"><p>Setting this policy with PCR 7 omitted, overrides the <b>Allow Secure Boot for integrity validation</b> Group Policy setting, and it prevents BitLocker from using Secure Boot for platform or Boot Configuration Data (BCD) integrity validation.</p>
 <p>If your environments use TPM and Secure Boot for platform integrity checks, this policy should not be configured.</p>
 <p>For more information about PCR 7, see <a href="#bkmk-pcr" data-raw-source="[Platform Configuration Register (PCR)](#bkmk-pcr)">Platform Configuration Register (PCR)</a> in this topic.</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>When enabled</strong></p></td>
+<td align="left"><p><b>When enabled</b></p></td>
 <td align="left"><p>Before you turn on BitLocker, you can configure the boot components that the TPM validates before it unlocks access to the BitLocker-encrypted operating system drive. If any of these components change while BitLocker protection is in effect, the TPM does not release the encryption key to unlock the drive. Instead, the computer displays the BitLocker Recovery console and requires that the recovery password or the recovery key is provided to unlock the drive.</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>When disabled or not configured</strong></p></td>
+<td align="left"><p><b>When disabled or not configured</b></p></td>
 <td align="left"><p>BitLocker uses the default platform validation profile or the platform validation profile that is specified by the setup script.</p></td>
 </tr>
 </tbody>
 </table>
 
-<strong>Reference</strong>
+<b>Reference</b>
 
 This policy setting does not apply if the computer does not have a compatible TPM or if BitLocker is already turned on with TPM protection.
 
@@ -2222,41 +2222,41 @@ This policy setting determines if you want platform validation data to refresh w
 </colgroup>
 <tbody>
 <tr class="odd">
-<td align="left"><p><strong>Policy description</strong></p></td>
+<td align="left"><p><b>Policy description</b></p></td>
 <td align="left"><p>With this policy setting, you can control whether platform validation data is refreshed when Windows is started following a BitLocker recovery.</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Introduced</strong></p></td>
+<td align="left"><p><b>Introduced</b></p></td>
 <td align="left"><p>Windows Server 2012 and Windows 8</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Drive type</strong></p></td>
+<td align="left"><p><b>Drive type</b></p></td>
 <td align="left"><p>Operating system drives</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Policy path</strong></p></td>
+<td align="left"><p><b>Policy path</b></p></td>
 <td align="left"><p>Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Operating System Drives</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Conflicts</strong></p></td>
+<td align="left"><p><b>Conflicts</b></p></td>
 <td align="left"><p>None</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>When enabled</strong></p></td>
+<td align="left"><p><b>When enabled</b></p></td>
 <td align="left"><p>Platform validation data is refreshed when Windows is started following a BitLocker recovery.</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>When disabled</strong></p></td>
+<td align="left"><p><b>When disabled</b></p></td>
 <td align="left"><p>Platform validation data is not refreshed when Windows is started following a BitLocker recovery.</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>When not configured</strong></p></td>
+<td align="left"><p><b>When not configured</b></p></td>
 <td align="left"><p>Platform validation data is refreshed when Windows is started following a BitLocker recovery.</p></td>
 </tr>
 </tbody>
 </table>
 
-<strong>Reference</strong>
+<b>Reference</b>
 
 For more information about the recovery process, see the [BitLocker recovery guide](bitlocker-recovery-guide-plan.md).
 
@@ -2271,41 +2271,41 @@ This policy setting determines specific Boot Configuration Data (BCD) settings t
 </colgroup>
 <tbody>
 <tr class="odd">
-<td align="left"><p><strong>Policy description</strong></p></td>
+<td align="left"><p><b>Policy description</b></p></td>
 <td align="left"><p>With this policy setting, you can specify Boot Configuration Data (BCD) settings to verify during platform validation.</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Introduced</strong></p></td>
+<td align="left"><p><b>Introduced</b></p></td>
 <td align="left"><p>Windows Server 2012 and Windows 8</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Drive type</strong></p></td>
+<td align="left"><p><b>Drive type</b></p></td>
 <td align="left"><p>Operating system drives</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Policy path</strong></p></td>
+<td align="left"><p><b>Policy path</b></p></td>
 <td align="left"><p>Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Operating System Drives</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Conflicts</strong></p></td>
-<td align="left"><p>When BitLocker is using Secure Boot for platform and Boot Configuration Data integrity validation, the <strong>Use enhanced Boot Configuration Data validation profile</strong> Group Policy setting is ignored (as defined by the <strong>Allow Secure Boot for integrity validation</strong> Group Policy setting).</p></td>
+<td align="left"><p><b>Conflicts</b></p></td>
+<td align="left"><p>When BitLocker is using Secure Boot for platform and Boot Configuration Data integrity validation, the <b>Use enhanced Boot Configuration Data validation profile</b> Group Policy setting is ignored (as defined by the <b>Allow Secure Boot for integrity validation</b> Group Policy setting).</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>When enabled</strong></p></td>
+<td align="left"><p><b>When enabled</b></p></td>
 <td align="left"><p>You can add additional BCD settings, exclude the BCD settings you specify, or combine inclusion and exclusion lists to create a customized BCD validation profile, which gives you the ability to verify those BCD settings.</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>When disabled</strong></p></td>
+<td align="left"><p><b>When disabled</b></p></td>
 <td align="left"><p>The computer reverts to a BCD profile validation similar to the default BCD profile that is used by Windows 7.</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>When not configured</strong></p></td>
+<td align="left"><p><b>When not configured</b></p></td>
 <td align="left"><p>The computer verifies the default BCD settings in Windows.</p></td>
 </tr>
 </tbody>
 </table>
 
-<strong>Reference</strong>
+<b>Reference</b>
 
 >**Note:**  The setting that controls boot debugging (0x16000010) is always validated, and it has no effect if it is included in the inclusion or the exclusion list.
 
@@ -2320,37 +2320,37 @@ This policy setting is used to control whether access to drives is allowed by us
 </colgroup>
 <tbody>
 <tr class="odd">
-<td align="left"><p><strong>Policy description</strong></p></td>
+<td align="left"><p><b>Policy description</b></p></td>
 <td align="left"><p>With this policy setting, you can configure whether fixed data drives that are formatted with the FAT file system can be unlocked and viewed on computers running Windows Vista, Windows XP with Service Pack 3 (SP3), or Windows XP with Service Pack 2 (SP2).</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Introduced</strong></p></td>
+<td align="left"><p><b>Introduced</b></p></td>
 <td align="left"><p>Windows Server 2008 R2 and Windows 7</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Drive type</strong></p></td>
+<td align="left"><p><b>Drive type</b></p></td>
 <td align="left"><p>Fixed data drives</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Policy path</strong></p></td>
+<td align="left"><p><b>Policy path</b></p></td>
 <td align="left"><p>Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Fixed Data Drives</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Conflicts</strong></p></td>
+<td align="left"><p><b>Conflicts</b></p></td>
 <td align="left"><p>None</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>When enabled</strong> and <strong>When not configured</strong></p></td>
+<td align="left"><p><b>When enabled</b> and <b>When not configured</b></p></td>
 <td align="left"><p>Fixed data drives that are formatted with the FAT file system can be unlocked on computers running Windows Server 2008, Windows Vista, Windows XP with SP3, or Windows XP with SP2, and their content can be viewed. These operating systems have Read-only access to BitLocker-protected drives.</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>When disabled</strong></p></td>
+<td align="left"><p><b>When disabled</b></p></td>
 <td align="left"><p>Fixed data drives that are formatted with the FAT file system and are BitLocker-protected cannot be unlocked on computers running Windows Vista, Windows XP with SP3, or Windows XP with SP2. BitLocker To Go Reader (bitlockertogo.exe) is not installed.</p></td>
 </tr>
 </tbody>
 </table>
 
-<strong>Reference</strong>
+<b>Reference</b>
 
 >**Note:**  This policy setting does not apply to drives that are formatted with the NTFS file system.
 
@@ -2367,37 +2367,37 @@ This policy setting controls access to removable data drives that are using the
 </colgroup>
 <tbody>
 <tr class="odd">
-<td align="left"><p><strong>Policy description</strong></p></td>
+<td align="left"><p><b>Policy description</b></p></td>
 <td align="left"><p>With this policy setting, you can configure whether removable data drives that are formatted with the FAT file system can be unlocked and viewed on computers running Windows Vista, Windows XP with SP3, or Windows XP with SP2.</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Introduced</strong></p></td>
+<td align="left"><p><b>Introduced</b></p></td>
 <td align="left"><p>Windows Server 2008 R2 and Windows 7</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Drive type</strong></p></td>
+<td align="left"><p><b>Drive type</b></p></td>
 <td align="left"><p>Removable data drives</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Policy path</strong></p></td>
+<td align="left"><p><b>Policy path</b></p></td>
 <td align="left"><p>Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Removable Data Drives</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Conflicts</strong></p></td>
+<td align="left"><p><b>Conflicts</b></p></td>
 <td align="left"><p>None</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>When enabled</strong> and <strong>When not configured</strong></p></td>
+<td align="left"><p><b>When enabled</b> and <b>When not configured</b></p></td>
 <td align="left"><p>Removable data drives that are formatted with the FAT file system can be unlocked on computers running Windows Vista, Windows XP with SP3, or Windows XP with SP2, and their content can be viewed. These operating systems have Read-only access to BitLocker-protected drives.</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>When disabled</strong></p></td>
+<td align="left"><p><b>When disabled</b></p></td>
 <td align="left"><p>Removable data drives that are formatted with the FAT file system that are BitLocker-protected cannot be unlocked on computers running Windows Vista, Windows XP with SP3, or Windows XP with SP2. BitLocker To Go Reader (bitlockertogo.exe) is not installed.</p></td>
 </tr>
 </tbody>
 </table>
 
-<strong>Reference</strong>
+<b>Reference</b>
 
 >**Note:**  This policy setting does not apply to drives that are formatted with the NTFS file system.
 
@@ -2414,37 +2414,37 @@ You can configure the Federal Information Processing Standard (FIPS) setting for
 </colgroup>
 <tbody>
 <tr class="odd">
-<td align="left"><p><strong>Policy description</strong></p></td>
+<td align="left"><p><b>Policy description</b></p></td>
 <td align="left"><p>Notes</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Introduced</strong></p></td>
+<td align="left"><p><b>Introduced</b></p></td>
 <td align="left"><p>Windows Server 2003 with SP1</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Drive type</strong></p></td>
+<td align="left"><p><b>Drive type</b></p></td>
 <td align="left"><p>System-wide</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Policy path</strong></p></td>
-<td align="left"><p>Local Policies\Security Options\System cryptography: <strong>Use FIPS compliant algorithms for encryption, hashing, and signing</strong></p></td>
+<td align="left"><p><b>Policy path</b></p></td>
+<td align="left"><p>Local Policies\Security Options\System cryptography: <b>Use FIPS compliant algorithms for encryption, hashing, and signing</b></p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Conflicts</strong></p></td>
+<td align="left"><p><b>Conflicts</b></p></td>
 <td align="left"><p>Some applications, such as Terminal Services, do not support FIPS-140 on all operating systems.</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>When enabled</strong></p></td>
+<td align="left"><p><b>When enabled</b></p></td>
 <td align="left"><p>Users will be unable to save a recovery password to any location. This includes AD DS and network folders. In addition, you cannot use WMI or the BitLocker Drive Encryption Setup wizard to create a recovery password.</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>When disabled or not configured</strong></p></td>
+<td align="left"><p><b>When disabled or not configured</b></p></td>
 <td align="left"><p>No BitLocker encryption key is generated</p></td>
 </tr>
 </tbody>
 </table>
 
-<strong>Reference</strong>
+<b>Reference</b>
 
 This policy needs to be enabled before any encryption key is generated for BitLocker. Note that when this policy is enabled, BitLocker prevents creating or using recovery passwords, so recovery keys should be used instead.
 
diff --git a/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-drive-encryption-tools-to-manage-bitlocker.md b/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-drive-encryption-tools-to-manage-bitlocker.md
index e4e1a3ffcd..220bed5038 100644
--- a/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-drive-encryption-tools-to-manage-bitlocker.md
+++ b/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-drive-encryption-tools-to-manage-bitlocker.md
@@ -126,11 +126,11 @@ Windows PowerShell cmdlets provide a new way for administrators to use when work
 </colgroup>
 <tbody>
 <tr class="odd">
-<td align="left"><p><strong>Name</strong></p></td>
-<td align="left"><p><strong>Parameters</strong></p></td>
+<td align="left"><p><b>Name</b></p></td>
+<td align="left"><p><b>Parameters</b></p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Add-BitLockerKeyProtector</strong></p></td>
+<td align="left"><p><b>Add-BitLockerKeyProtector</b></p></td>
 <td align="left"><p>-ADAccountOrGroup</p>
 <p>-ADAccountOrGroupProtector</p>
 <p>-Confirm</p>
@@ -152,26 +152,26 @@ Windows PowerShell cmdlets provide a new way for administrators to use when work
 <p>-WhatIf</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Backup-BitLockerKeyProtector</strong></p></td>
+<td align="left"><p><b>Backup-BitLockerKeyProtector</b></p></td>
 <td align="left"><p>-Confirm</p>
 <p>-KeyProtectorId</p>
 <p>-MountPoint</p>
 <p>-WhatIf</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Disable-BitLocker</strong></p></td>
+<td align="left"><p><b>Disable-BitLocker</b></p></td>
 <td align="left"><p>-Confirm</p>
 <p>-MountPoint</p>
 <p>-WhatIf</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Disable-BitLockerAutoUnlock</strong></p></td>
+<td align="left"><p><b>Disable-BitLockerAutoUnlock</b></p></td>
 <td align="left"><p>-Confirm</p>
 <p>-MountPoint</p>
 <p>-WhatIf</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Enable-BitLocker</strong></p></td>
+<td align="left"><p><b>Enable-BitLocker</b></p></td>
 <td align="left"><p>-AdAccountOrGroup</p>
 <p>-AdAccountOrGroupProtector</p>
 <p>-Confirm</p>
@@ -196,44 +196,44 @@ Windows PowerShell cmdlets provide a new way for administrators to use when work
 <p>-WhatIf</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Enable-BitLockerAutoUnlock</strong></p></td>
+<td align="left"><p><b>Enable-BitLockerAutoUnlock</b></p></td>
 <td align="left"><p>-Confirm</p>
 <p>-MountPoint</p>
 <p>-WhatIf</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Get-BitLockerVolume</strong></p></td>
+<td align="left"><p><b>Get-BitLockerVolume</b></p></td>
 <td align="left"><p>-MountPoint</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Lock-BitLocker</strong></p></td>
+<td align="left"><p><b>Lock-BitLocker</b></p></td>
 <td align="left"><p>-Confirm</p>
 <p>-ForceDismount</p>
 <p>-MountPoint</p>
 <p>-WhatIf</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Remove-BitLockerKeyProtector</strong></p></td>
+<td align="left"><p><b>Remove-BitLockerKeyProtector</b></p></td>
 <td align="left"><p>-Confirm</p>
 <p>-KeyProtectorId</p>
 <p>-MountPoint</p>
 <p>-WhatIf</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Resume-BitLocker</strong></p></td>
+<td align="left"><p><b>Resume-BitLocker</b></p></td>
 <td align="left"><p>-Confirm</p>
 <p>-MountPoint</p>
 <p>-WhatIf</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Suspend-BitLocker</strong></p></td>
+<td align="left"><p><b>Suspend-BitLocker</b></p></td>
 <td align="left"><p>-Confirm</p>
 <p>-MountPoint</p>
 <p>-RebootCount</p>
 <p>-WhatIf</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Unlock-BitLocker</strong></p></td>
+<td align="left"><p><b>Unlock-BitLocker</b></p></td>
 <td align="left"><p>-AdAccountOrGroup</p>
 <p>-Confirm</p>
 <p>-MountPoint</p>
diff --git a/windows/security/information-protection/bitlocker/protecting-cluster-shared-volumes-and-storage-area-networks-with-bitlocker.md b/windows/security/information-protection/bitlocker/protecting-cluster-shared-volumes-and-storage-area-networks-with-bitlocker.md
index 1473dadc79..d6b97d2ac5 100644
--- a/windows/security/information-protection/bitlocker/protecting-cluster-shared-volumes-and-storage-area-networks-with-bitlocker.md
+++ b/windows/security/information-protection/bitlocker/protecting-cluster-shared-volumes-and-storage-area-networks-with-bitlocker.md
@@ -168,91 +168,91 @@ The following table contains information about both Physical Disk Resources (i.e
 </colgroup>
 <tbody>
 <tr class="odd">
-<td align="left"><p><strong>Action</strong></p></td>
-<td align="left"><p><strong>On owner node of failover volume</strong></p></td>
-<td align="left"><p><strong>On Metadata Server (MDS) of CSV</strong></p></td>
-<td align="left"><p><strong>On (Data Server) DS of CSV</strong></p></td>
-<td align="left"><p><strong>Maintenance Mode</strong></p></td>
+<td align="left"><p><b>Action</b></p></td>
+<td align="left"><p><b>On owner node of failover volume</b></p></td>
+<td align="left"><p><b>On Metadata Server (MDS) of CSV</b></p></td>
+<td align="left"><p><b>On (Data Server) DS of CSV</b></p></td>
+<td align="left"><p><b>Maintenance Mode</b></p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Manage-bde –on</strong></p></td>
+<td align="left"><p><b>Manage-bde –on</b></p></td>
 <td align="left"><p>Blocked</p></td>
 <td align="left"><p>Blocked</p></td>
 <td align="left"><p>Blocked</p></td>
 <td align="left"><p>Allowed</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Manage-bde –off</strong></p></td>
+<td align="left"><p><b>Manage-bde –off</b></p></td>
 <td align="left"><p>Blocked</p></td>
 <td align="left"><p>Blocked</p></td>
 <td align="left"><p>Blocked</p></td>
 <td align="left"><p>Allowed</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Manage-bde Pause/Resume</strong></p></td>
+<td align="left"><p><b>Manage-bde Pause/Resume</b></p></td>
 <td align="left"><p>Blocked</p></td>
-<td align="left"><p>Blocked<strong></p></td>
+<td align="left"><p>Blocked<b></p></td>
 <td align="left"><p>Blocked</p></td>
 <td align="left"><p>Allowed</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Manage-bde –lock</strong></p></td>
+<td align="left"><p><b>Manage-bde –lock</b></p></td>
 <td align="left"><p>Blocked</p></td>
 <td align="left"><p>Blocked</p></td>
 <td align="left"><p>Blocked</p></td>
 <td align="left"><p>Allowed</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>manage-bde –wipe</strong></p></td>
+<td align="left"><p><b>manage-bde –wipe</b></p></td>
 <td align="left"><p>Blocked</p></td>
 <td align="left"><p>Blocked</p></td>
 <td align="left"><p>Blocked</p></td>
 <td align="left"><p>Allowed</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Unlock</strong></p></td>
+<td align="left"><p><b>Unlock</b></p></td>
 <td align="left"><p>Automatic via cluster service</p></td>
 <td align="left"><p>Automatic via cluster service</p></td>
 <td align="left"><p>Automatic via cluster service</p></td>
 <td align="left"><p>Allowed</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>manage-bde –protector –add</strong></p></td>
+<td align="left"><p><b>manage-bde –protector –add</b></p></td>
 <td align="left"><p>Allowed</p></td>
 <td align="left"><p>Allowed</p></td>
 <td align="left"><p>Blocked</p></td>
 <td align="left"><p>Allowed</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>manage-bde -protector -delete</strong></p></td>
+<td align="left"><p><b>manage-bde -protector -delete</b></p></td>
 <td align="left"><p>Allowed</p></td>
 <td align="left"><p>Allowed</p></td>
 <td align="left"><p>Blocked</p></td>
 <td align="left"><p>Allowed</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>manage-bde –autounlock</strong></p></td>
+<td align="left"><p><b>manage-bde –autounlock</b></p></td>
 <td align="left"><p>Allowed (not recommended)</p></td>
 <td align="left"><p>Allowed (not recommended)</p></td>
 <td align="left"><p>Blocked</p></td>
 <td align="left"><p>Allowed (not recommended)</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Manage-bde -upgrade</strong></p></td>
+<td align="left"><p><b>Manage-bde -upgrade</b></p></td>
 <td align="left"><p>Allowed</p></td>
 <td align="left"><p>Allowed</p></td>
 <td align="left"><p>Blocked</p></td>
 <td align="left"><p>Allowed</p></td>
 </tr>
 <tr class="even">
-<td align="left"><p><strong>Shrink</strong></p></td>
+<td align="left"><p><b>Shrink</b></p></td>
 <td align="left"><p>Allowed</p></td>
 <td align="left"><p>Allowed</p></td>
 <td align="left"><p>Blocked</p></td>
 <td align="left"><p>Allowed</p></td>
 </tr>
 <tr class="odd">
-<td align="left"><p><strong>Extend</strong></p></td>
+<td align="left"><p><b>Extend</b></p></td>
 <td align="left"><p>Allowed</p></td>
 <td align="left"><p>Allowed</p></td>
 <td align="left"><p>Blocked</p></td>
@@ -261,7 +261,7 @@ The following table contains information about both Physical Disk Resources (i.e
 </tbody>
 </table>
  
-&gt;</strong>Note:**  Although the manage-bde -pause command is Blocked in clusters, the cluster service will automatically resume a paused encryption or decryption from the MDS node
+&gt;</b>Note:**  Although the manage-bde -pause command is Blocked in clusters, the cluster service will automatically resume a paused encryption or decryption from the MDS node
  
 In the case where a physical disk resource experiences a failover event during conversion, the new owning node will detect the conversion is not complete and will complete the conversion process.
 
diff --git a/windows/security/information-protection/windows-information-protection/app-behavior-with-wip.md b/windows/security/information-protection/windows-information-protection/app-behavior-with-wip.md
index 23f23e50da..97733a4dd7 100644
--- a/windows/security/information-protection/windows-information-protection/app-behavior-with-wip.md
+++ b/windows/security/information-protection/windows-information-protection/app-behavior-with-wip.md
@@ -53,7 +53,7 @@ This table includes info about how unenlightened apps might behave, based on you
         <th align="center">Name-based policies, using the /&#42;AppCompat&#42;/ string or proxy-based policies</th>
     </tr>
    <tr align="left">
-     <td><strong>Not required.</strong> App connects to enterprise cloud resources directly, using an IP address.</td>
+     <td><b>Not required.</b> App connects to enterprise cloud resources directly, using an IP address.</td>
      <td>
         <ul>
             <li>App is entirely blocked from both personal and enterprise cloud resources.</li>
@@ -70,7 +70,7 @@ This table includes info about how unenlightened apps might behave, based on you
     </td>
    </tr>
     <tr align="left">
-     <td><strong>Not required.</strong> App connects to enterprise cloud resources, using a hostname.</td>
+     <td><b>Not required.</b> App connects to enterprise cloud resources, using a hostname.</td>
      <td colspan="2">
         <ul>
             <li>App is blocked from accessing enterprise cloud resources, but can access other network resources.</li>
@@ -80,7 +80,7 @@ This table includes info about how unenlightened apps might behave, based on you
     </td>
    </tr>
     <tr align="left">
-     <td><strong>Allow.</strong> App connects to enterprise cloud resources, using an IP address or a hostname.</td>
+     <td><b>Allow.</b> App connects to enterprise cloud resources, using an IP address or a hostname.</td>
      <td colspan="2">
         <ul>
             <li>App can access both personal and enterprise cloud resources.</li>
@@ -90,7 +90,7 @@ This table includes info about how unenlightened apps might behave, based on you
     </td>
    </tr>
     <tr align="left" colspan="2">
-     <td><strong>Exempt.</strong> App connects to enterprise cloud resources, using an IP address or a hostname.</td>
+     <td><b>Exempt.</b> App connects to enterprise cloud resources, using an IP address or a hostname.</td>
      <td colspan="2">
         <ul>
             <li>App can access both personal and enterprise cloud resources.</li>
@@ -110,7 +110,7 @@ This table includes info about how enlightened apps might behave, based on your
      <th>Networking policy configuration for name-based policies, possibly using the /&#42;AppCompat&#42;/ string, or proxy-based policies</th>
    </tr>
     <tr>
-        <td><strong>Not required.</strong> App connects to enterprise cloud resources, using an IP address or a hostname.</td>
+        <td><b>Not required.</b> App connects to enterprise cloud resources, using an IP address or a hostname.</td>
         <td>
             <ul>
                 <li>App is blocked from accessing enterprise cloud resources, but can access other network resources.</li>
@@ -120,7 +120,7 @@ This table includes info about how enlightened apps might behave, based on your
         </td>
     </tr>
     <tr>
-        <td><strong>Allow.</strong> App connects to enterprise cloud resources, using an IP address or a hostname.</td>
+        <td><b>Allow.</b> App connects to enterprise cloud resources, using an IP address or a hostname.</td>
         <td>
             <ul>
                 <li>App can access both personal and enterprise cloud resources.</li>
@@ -130,7 +130,7 @@ This table includes info about how enlightened apps might behave, based on your
         </td>
     </tr>
     <tr>
-        <td><strong>Exempt.</strong> App connects to enterprise cloud resources, using an IP address or a hostname.</td>
+        <td><b>Exempt.</b> App connects to enterprise cloud resources, using an IP address or a hostname.</td>
         <td>
             <ul>
                 <li>App can access both personal and enterprise cloud resources.</li>
diff --git a/windows/security/information-protection/windows-information-protection/create-wip-policy-using-configmgr.md b/windows/security/information-protection/windows-information-protection/create-wip-policy-using-configmgr.md
index a5baa19809..49a57283b7 100644
--- a/windows/security/information-protection/windows-information-protection/create-wip-policy-using-configmgr.md
+++ b/windows/security/information-protection/windows-information-protection/create-wip-policy-using-configmgr.md
@@ -190,27 +190,27 @@ For this example, we're going to add Internet Explorer, a desktop app, to the **
             <td>All files signed by any publisher. (Not recommended.)</td>
         </tr>
         <tr>
-            <td><strong>Publisher</strong> selected</td>
+            <td><b>Publisher</b> selected</td>
             <td>All files signed by the named publisher.<p>This might be useful if your company is the publisher and signer of internal line-of-business apps.</td>
         </tr>
         <tr>
-            <td><strong>Publisher</strong> and <strong>Product Name</strong> selected</td>
+            <td><b>Publisher</b> and <b>Product Name</b> selected</td>
             <td>All files for the specified product, signed by the named publisher.</td>
         </tr>
         <tr>
-            <td><strong>Publisher</strong>, <strong>Product Name</strong>, and <strong>Binary name</strong> selected</td>
+            <td><b>Publisher</b>, <b>Product Name</b>, and <b>Binary name</b> selected</td>
             <td>Any version of the named file or package for the specified product, signed by the named publisher.</td>
         </tr>
         <tr>
-            <td><strong>Publisher</strong>, <strong>Product Name</strong>, <strong>Binary name</strong>, and <strong>File Version, and above</strong>, selected</td>
+            <td><b>Publisher</b>, <b>Product Name</b>, <b>Binary name</b>, and <b>File Version, and above</b>, selected</td>
             <td>Specified version or newer releases of the named file or package for the specified product, signed by the named publisher.<p>This option is recommended for enlightened apps that weren't previously enlightened.</td>
         </tr>
         <tr>
-            <td><strong>Publisher</strong>, <strong>Product Name</strong>, <strong>Binary name</strong>, and <strong>File Version, And below</strong> selected</td>
+            <td><b>Publisher</b>, <b>Product Name</b>, <b>Binary name</b>, and <b>File Version, And below</b> selected</td>
             <td>Specified version or older releases of the named file or package for the specified product, signed by the named publisher.</td>
         </tr>
         <tr>
-            <td><strong>Publisher</strong>, <strong>Product Name</strong>, <strong>Binary name</strong>, and <strong>File Version, Exactly</strong> selected</td>
+            <td><b>Publisher</b>, <b>Product Name</b>, <b>Binary name</b>, and <b>File Version, Exactly</b> selected</td>
             <td>Specified version of the named file or package for the specified product, signed by the named publisher.</td>
         </tr>
     </table>
@@ -403,8 +403,8 @@ There are no default locations included with WIP, you must add each of your netw
        </tr>
        <tr>
            <td>Enterprise Cloud Resources</td>
-           <td><strong>With proxy:</strong> contoso.sharepoint.com,contoso.internalproxy1.com|<br>contoso.visualstudio.com,contoso.internalproxy2.com<p><strong>Without proxy:</strong> contoso.sharepoint.com|contoso.visualstudio.com</td>
-           <td>Specify the cloud resources to be treated as corporate and protected by WIP.<p>For each cloud resource, you may also optionally specify a proxy server from your Internal proxy servers list to route traffic for this cloud resource. Be aware that all traffic routed through your Internal proxy servers is considered enterprise.<p>If you have multiple resources, you must separate them using the &quot;|&quot; delimiter. If you don't use proxy servers, you must also include the &quot;,&quot; delimiter just before the &quot;|&quot;. For example: <code>URL &lt;,proxy&gt;|URL &lt;,proxy&gt;</code>.<p><strong>Important</strong><br>In some cases, such as when an app connects directly to a cloud resource through an IP address, Windows can't tell whether it's attempting to connect to an enterprise cloud resource or to a personal site. In this case, Windows blocks the connection by default. To stop Windows from automatically blocking these connections, you can add the <code>/&#42;AppCompat&#42;/</code> string to the setting. For example: <code>URL &lt;,proxy&gt;|URL &lt;,proxy&gt;|/&#42;AppCompat&#42;/</code>.</td>
+           <td><b>With proxy:</b> contoso.sharepoint.com,contoso.internalproxy1.com|<br>contoso.visualstudio.com,contoso.internalproxy2.com<p><b>Without proxy:</b> contoso.sharepoint.com|contoso.visualstudio.com</td>
+           <td>Specify the cloud resources to be treated as corporate and protected by WIP.<p>For each cloud resource, you may also optionally specify a proxy server from your Internal proxy servers list to route traffic for this cloud resource. Be aware that all traffic routed through your Internal proxy servers is considered enterprise.<p>If you have multiple resources, you must separate them using the &quot;|&quot; delimiter. If you don't use proxy servers, you must also include the &quot;,&quot; delimiter just before the &quot;|&quot;. For example: <code>URL &lt;,proxy&gt;|URL &lt;,proxy&gt;</code>.<p><b>Important</b><br>In some cases, such as when an app connects directly to a cloud resource through an IP address, Windows can't tell whether it's attempting to connect to an enterprise cloud resource or to a personal site. In this case, Windows blocks the connection by default. To stop Windows from automatically blocking these connections, you can add the <code>/&#42;AppCompat&#42;/</code> string to the setting. For example: <code>URL &lt;,proxy&gt;|URL &lt;,proxy&gt;|/&#42;AppCompat&#42;/</code>.</td>
        </tr>
        <tr>
            <td>Enterprise Network Domain Names (Required)</td>
@@ -422,12 +422,12 @@ There are no default locations included with WIP, you must add each of your netw
            <td>Specify the internal proxy servers your devices will go through to reach your cloud resources. Using this server type indicates that the cloud resources you're connecting to are enterprise resources.<br><br>This list shouldn't include any servers listed in your Proxy servers list. Proxy servers must be used only for non-WIP-protected (non-enterprise) traffic.<br><br>If you have multiple resources, you must separate them using the &quot;;&quot; delimiter.</td><br/>    </tr>
        <tr>
            <td>Enterprise IPv4 Range (Required)</td>
-           <td><strong>Starting IPv4 Address:</strong> 3.4.0.1<br><strong>Ending IPv4 Address:</strong> 3.4.255.254<br><strong>Custom URI:</strong> 3.4.0.1-3.4.255.254,<br>10.0.0.1-10.255.255.254</td>
+           <td><b>Starting IPv4 Address:</b> 3.4.0.1<br><b>Ending IPv4 Address:</b> 3.4.255.254<br><b>Custom URI:</b> 3.4.0.1-3.4.255.254,<br>10.0.0.1-10.255.255.254</td>
            <td>Specify the addresses for a valid IPv4 value range within your intranet. These addresses, used with your Enterprise Network Domain Names, define your corporate network boundaries.<p>If you have multiple ranges, you must separate them using the &quot;,&quot; delimiter.</td>
        </tr>
        <tr>
            <td>Enterprise IPv6 Range</td>
-           <td><strong>Starting IPv6 Address:</strong> 2a01:110::<br><strong>Ending IPv6 Address:</strong> 2a01:110:7fff:ffff:ffff:ffff:ffff:ffff<br><strong>Custom URI:</strong> 2a01:110:7fff:ffff:ffff:ffff:ffff:ffff,<br>fd00::-fdff:ffff:ffff:ffff:ffff:ffff:ffff:ffff</td>
+           <td><b>Starting IPv6 Address:</b> 2a01:110::<br><b>Ending IPv6 Address:</b> 2a01:110:7fff:ffff:ffff:ffff:ffff:ffff<br><b>Custom URI:</b> 2a01:110:7fff:ffff:ffff:ffff:ffff:ffff,<br>fd00::-fdff:ffff:ffff:ffff:ffff:ffff:ffff:ffff</td>
            <td>Specify the addresses for a valid IPv6 value range within your intranet. These addresses, used with your Enterprise Network Domain Names, define your corporate network boundaries.<p>If you have multiple ranges, you must separate them using the &quot;,&quot; delimiter.</td>
        </tr>
        <tr>
diff --git a/windows/security/information-protection/windows-information-protection/enlightened-microsoft-apps-and-wip.md b/windows/security/information-protection/windows-information-protection/enlightened-microsoft-apps-and-wip.md
index 8c01645295..a099742145 100644
--- a/windows/security/information-protection/windows-information-protection/enlightened-microsoft-apps-and-wip.md
+++ b/windows/security/information-protection/windows-information-protection/enlightened-microsoft-apps-and-wip.md
@@ -108,7 +108,7 @@ You can add any or all of the enlightened Microsoft apps to your allowed apps li
 |                 Microsoft Messaging                  |                                                                                                                                       **Publisher:** `CN=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=Washington, C=US`<br>**Product Name:** Microsoft.Messaging<br>**App Type:** Universal app                                                                                                                                        |
 |                         IE11                         |                                                                                                                                                         **Publisher:** `O=Microsoft Corporation, L=Redmond, S=Washington, C=US`<br>**Binary Name:** iexplore.exe<br>**App Type:** Desktop app                                                                                                                                                          |
 |                 OneDrive Sync Client                 |                                                                                                                                                         **Publisher:** `O=Microsoft Corporation, L=Redmond, S=Washington, C=US`<br>**Binary Name:** onedrive.exe<br>**App Type:** Desktop app                                                                                                                                                          |
-|                     OneDrive app                     |                                                                                              **Publisher:** `CN=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=Washington, C=US`<br>**Product Name:** Microsoft.Microsoftskydrive<br><strong>Product Version:</strong>Product version: 17.21.0.0 (and later)<br>**App Type:** Universal app                                                                                              |
+|                     OneDrive app                     |                                                                                              **Publisher:** `CN=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=Washington, C=US`<br>**Product Name:** Microsoft.Microsoftskydrive<br><b>Product Version:</b>Product version: 17.21.0.0 (and later)<br>**App Type:** Universal app                                                                                              |
 |                       Notepad                        |                                                                                                                                                          **Publisher:** `O=Microsoft Corporation, L=Redmond, S=Washington, C=US`<br>**Binary Name:** notepad.exe<br>**App Type:** Desktop app                                                                                                                                                          |
 |                   Microsoft Paint                    |                                                                                                                                                          **Publisher:** `O=Microsoft Corporation, L=Redmond, S=Washington, C=US`<br>**Binary Name:** mspaint.exe<br>**App Type:** Desktop app                                                                                                                                                          |
 |               Microsoft Remote Desktop               |                                                                                                                                                           **Publisher:** `O=Microsoft Corporation, L=Redmond, S=Washington, C=US`<br>**Binary Name:** mstsc.exe<br>**App Type:** Desktop app                                                                                                                                                           |
diff --git a/windows/security/information-protection/windows-information-protection/limitations-with-wip.md b/windows/security/information-protection/windows-information-protection/limitations-with-wip.md
index 340c9edb2a..c1cd7193c0 100644
--- a/windows/security/information-protection/windows-information-protection/limitations-with-wip.md
+++ b/windows/security/information-protection/windows-information-protection/limitations-with-wip.md
@@ -33,18 +33,18 @@ This table provides info about the most common problems you might encounter whil
     </tr>
     <tr>
         <td>Your enterprise data on USB drives might be tied to the device it was protected on, based on your Azure RMS configuration.</td>
-        <td><strong>If you’re using Azure RMS:</strong> Authenticated users can open enterprise data on USB drives, on computers running Windows 10, version 1703.<br><br><strong>If you’re not using Azure RMS:</strong> Data in the new location remains encrypted, but becomes inaccessible on other devices and for other users. For example, the file won&#39;t open or the file opens, but doesn&#39;t contain readable text.</td>
+        <td><b>If you’re using Azure RMS:</b> Authenticated users can open enterprise data on USB drives, on computers running Windows 10, version 1703.<br><br><b>If you’re not using Azure RMS:</b> Data in the new location remains encrypted, but becomes inaccessible on other devices and for other users. For example, the file won&#39;t open or the file opens, but doesn&#39;t contain readable text.</td>
         <td>Share files with fellow employees through enterprise file servers or enterprise cloud locations. If data must be shared via USB, employees can decrypt protected files, but it will be audited.<br><br>We strongly recommend educating employees about how to limit or eliminate the need for this decryption.</td>
     </tr>
     <tr>
         <td>Direct Access is incompatible with WIP.</td>
         <td>Direct Access might experience problems with how WIP enforces app behavior and data movement because of how WIP determines what is and isn’t a corporate network resource.</td>
-        <td>We recommend that you use VPN for client access to your intranet resources.<br><br><strong>Note</strong><br>VPN is optional and isn’t required by WIP.</td>
+        <td>We recommend that you use VPN for client access to your intranet resources.<br><br><b>Note</b><br>VPN is optional and isn’t required by WIP.</td>
     </tr>
     <tr>
-        <td><strong>NetworkIsolation</strong> Group Policy setting takes precedence over MDM Policy settings.</td>
-        <td>The <strong>NetworkIsolation</strong> Group Policy setting can configure network settings that can also be configured by using MDM. WIP relies on these policies being correctly configured.</td>
-        <td>If you use both Group Policy and MDM to configure your <strong>NetworkIsolation</strong> settings, you must make sure that those same settings are deployed to your organization using both Group Policy and MDM.</td>
+        <td><b>NetworkIsolation</b> Group Policy setting takes precedence over MDM Policy settings.</td>
+        <td>The <b>NetworkIsolation</b> Group Policy setting can configure network settings that can also be configured by using MDM. WIP relies on these policies being correctly configured.</td>
+        <td>If you use both Group Policy and MDM to configure your <b>NetworkIsolation</b> settings, you must make sure that those same settings are deployed to your organization using both Group Policy and MDM.</td>
     </tr>
     <tr>
         <td>Cortana can potentially allow data leakage if it’s on the allowed apps list.</td>
@@ -63,7 +63,7 @@ This table provides info about the most common problems you might encounter whil
             <ul>
                 <li>Start the installer directly from the file share.<br><br>-OR-<br><br></li>
                 <li>Decrypt the locally copied files needed by the installer.<br><br>-OR-<br><br></li>
-                <li>Mark the file share with the installation media as “personal”. To do this, you’ll need to set the Enterprise IP ranges as <strong>Authoritative</strong> and then exclude the IP address of the file server, or you’ll need to put the file server on the Enterprise Proxy Server list.</li>
+                <li>Mark the file share with the installation media as “personal”. To do this, you’ll need to set the Enterprise IP ranges as <b>Authoritative</b> and then exclude the IP address of the file server, or you’ll need to put the file server on the Enterprise Proxy Server list.</li>
             </ul></td>
     </tr>
     <tr>
@@ -74,17 +74,17 @@ This table provides info about the most common problems you might encounter whil
     <tr>
         <td>Redirected folders with Client Side Caching are not compatible with WIP.</td>
         <td>Apps might encounter access errors while attempting to read a cached, offline file.</td>
-        <td>Migrate to use another file synchronization method, such as Work Folders or OneDrive for Business.<br><br><strong>Note</strong><br>For more info about Work Folders and Offline Files, see the blog, <a href="https://blogs.technet.microsoft.com/filecab/2016/08/29/work-folders-and-offline-files-support-for-windows-information-protection/" data-raw-source="[Work Folders and Offline Files support for Windows Information Protection](https://blogs.technet.microsoft.com/filecab/2016/08/29/work-folders-and-offline-files-support-for-windows-information-protection/)">Work Folders and Offline Files support for Windows Information Protection</a>. If you&#39;re having trouble opening files offline while using Offline Files and WIP, see the support article, <a href="https://support.microsoft.com/kb/3187045" data-raw-source="[Can&#39;t open files offline when you use Offline Files and Windows Information Protection](https://support.microsoft.com/kb/3187045)">Can&#39;t open files offline when you use Offline Files and Windows Information Protection</a>.</td>
+        <td>Migrate to use another file synchronization method, such as Work Folders or OneDrive for Business.<br><br><b>Note</b><br>For more info about Work Folders and Offline Files, see the blog, <a href="https://blogs.technet.microsoft.com/filecab/2016/08/29/work-folders-and-offline-files-support-for-windows-information-protection/" data-raw-source="[Work Folders and Offline Files support for Windows Information Protection](https://blogs.technet.microsoft.com/filecab/2016/08/29/work-folders-and-offline-files-support-for-windows-information-protection/)">Work Folders and Offline Files support for Windows Information Protection</a>. If you&#39;re having trouble opening files offline while using Offline Files and WIP, see the support article, <a href="https://support.microsoft.com/kb/3187045" data-raw-source="[Can&#39;t open files offline when you use Offline Files and Windows Information Protection](https://support.microsoft.com/kb/3187045)">Can&#39;t open files offline when you use Offline Files and Windows Information Protection</a>.</td>
     </tr>
     <tr>
         <td>An unmanaged device can use Remote Desktop Protocol (RDP) to connect to a WIP-managed device.</td>
-        <td><p>Data copied from the WIP-managed device is marked as <strong>Work</strong>.<p>Data copied to the WIP-managed device is not marked as <strong>Work</strong>.<p>Local <strong>Work</strong> data copied to the WIP-managed device remains <strong>Work</strong> data.<p><strong>Work</strong> data that is copied between two apps in the same session remains </strong> data.</td>
+        <td><p>Data copied from the WIP-managed device is marked as <b>Work</b>.<p>Data copied to the WIP-managed device is not marked as <b>Work</b>.<p>Local <b>Work</b> data copied to the WIP-managed device remains <b>Work</b> data.<p><b>Work</b> data that is copied between two apps in the same session remains </b> data.</td>
         <td>Disable RDP to prevent access because there is no way to restrict access to only devices managed by WIP. RDP is disabled by default.</td>
     </tr>
     <tr>
         <td>You can&#39;t upload an enterprise file to a personal location using Microsoft Edge or Internet Explorer.</td>
-        <td>A message appears stating that the content is marked as <strong>Work</strong> and the user isn&#39;t given an option to override to <strong>Personal</strong>.</td>
-        <td>Open File Explorer and change the file ownership to <strong>Personal</strong> before you upload.</td>
+        <td>A message appears stating that the content is marked as <b>Work</b> and the user isn&#39;t given an option to override to <b>Personal</b>.</td>
+        <td>Open File Explorer and change the file ownership to <b>Personal</b> before you upload.</td>
     </tr>
     <tr>
         <td>ActiveX controls should be used with caution.</td>
@@ -97,7 +97,7 @@ This table provides info about the most common problems you might encounter whil
         <td>Format drive for NTFS, or use a different drive.</td>
     </tr>
     <tr>
-        <td>WIP isn’t turned on if any of the following folders have the <strong>MakeFolderAvailableOfflineDisabled</strong> option set to <strong>False</strong>:
+        <td>WIP isn’t turned on if any of the following folders have the <b>MakeFolderAvailableOfflineDisabled</b> option set to <b>False</b>:
             <ul>
                 <li>AppDataRoaming</li>
                 <li>Desktop</li>
@@ -115,7 +115,7 @@ This table provides info about the most common problems you might encounter whil
             </ul>
         </td>
         <td>WIP isn’t turned on for employees in your organization. Error code 0x807c0008 will result if WIP is deployed by using Microsoft Endpoint Configuration Manager.</td>
-        <td>Don’t set the <strong>MakeFolderAvailableOfflineDisabled</strong> option to <strong>False</strong> for any of the specified folders.  You can configure this parameter, as described <a href="https://docs.microsoft.com/windows-server/storage/folder-redirection/disable-offline-files-on-folders" data-raw-source="[here](https://docs.microsoft.com/windows-server/storage/folder-redirection/disable-offline-files-on-folders)">here</a>.<br><br>If you currently use redirected folders, we recommend that you migrate to a file synchronization solution that supports WIP, such as Work Folders or OneDrive for Business. Additionally, if you apply redirected folders after WIP is already in place, you might be unable to open your files offline. For more info about these potential access errors, see <a href="https://support.microsoft.com/help/3187045/can-t-open-files-offline-when-you-use-offline-files-and-windows-information-protection" data-raw-source="[Can&#39;t open files offline when you use Offline Files and Windows Information Protection](https://support.microsoft.com/help/3187045/can-t-open-files-offline-when-you-use-offline-files-and-windows-information-protection)">Can&#39;t open files offline when you use Offline Files and Windows Information Protection</a>.
+        <td>Don’t set the <b>MakeFolderAvailableOfflineDisabled</b> option to <b>False</b> for any of the specified folders.  You can configure this parameter, as described <a href="https://docs.microsoft.com/windows-server/storage/folder-redirection/disable-offline-files-on-folders" data-raw-source="[here](https://docs.microsoft.com/windows-server/storage/folder-redirection/disable-offline-files-on-folders)">here</a>.<br><br>If you currently use redirected folders, we recommend that you migrate to a file synchronization solution that supports WIP, such as Work Folders or OneDrive for Business. Additionally, if you apply redirected folders after WIP is already in place, you might be unable to open your files offline. For more info about these potential access errors, see <a href="https://support.microsoft.com/help/3187045/can-t-open-files-offline-when-you-use-offline-files-and-windows-information-protection" data-raw-source="[Can&#39;t open files offline when you use Offline Files and Windows Information Protection](https://support.microsoft.com/help/3187045/can-t-open-files-offline-when-you-use-offline-files-and-windows-information-protection)">Can&#39;t open files offline when you use Offline Files and Windows Information Protection</a>.
         </td>
     </tr>
     <tr>
@@ -143,7 +143,7 @@ This table provides info about the most common problems you might encounter whil
 Wait a few minutes to allow OneDrive to finish syncing & upgrading the notebook, and the folder should automatically convert to an Internet Shortcut.  Opening the shortcut will open the notebook in the browser, which can then be opened in the OneNote client by using the “Open in app” button.</td>    
     </tr>
     <tr>
-        <td>Microsoft Office Outlook offline data files (PST and OST files) are not marked as <strong>Work</strong> files, and are therefore not protected.
+        <td>Microsoft Office Outlook offline data files (PST and OST files) are not marked as <b>Work</b> files, and are therefore not protected.
         </td>
         <td>If Microsoft Office Outlook is set to work in cached mode (default setting), or if some emails are stored in a local PST file, the data is unprotected. 
         </td>
diff --git a/windows/security/information-protection/windows-information-protection/testing-scenarios-for-wip.md b/windows/security/information-protection/windows-information-protection/testing-scenarios-for-wip.md
index 961744bbf6..7353daae25 100644
--- a/windows/security/information-protection/windows-information-protection/testing-scenarios-for-wip.md
+++ b/windows/security/information-protection/windows-information-protection/testing-scenarios-for-wip.md
@@ -39,30 +39,30 @@ You can try any of the processes included in these scenarios, but you should foc
     </tr>
     <tr>
         <td>Encrypt and decrypt files using File Explorer.</td>
-        <td><strong>For desktop:</strong><br><br>
+        <td><b>For desktop:</b><br><br>
             <ol>
-                <li>Open File Explorer, right-click a work document, and then click <strong>Work</strong> from the <strong>File Ownership</strong> menu.<br>Make sure the file is encrypted by right-clicking the file again, clicking <strong>Advanced</strong> from the <strong>General</strong> tab, and then clicking <strong>Details</strong> from the <strong>Compress or Encrypt attributes</strong> area. The file should show up under the heading, <strong>This enterprise domain can remove or revoke access:</strong> <em>&lt;your_enterprise_identity&gt;</em>. For example, contoso.com.</li>
-                <li>In File Explorer, right-click the same document, and then click <strong>Personal</strong> from the <strong>File Ownership</strong> menu.<br>Make sure the file is decrypted by right-clicking the file again, clicking <strong>Advanced</strong> from the <strong>General</strong> tab, and then verifying that the <strong>Details</strong> button is unavailable.</li>
+                <li>Open File Explorer, right-click a work document, and then click <b>Work</b> from the <b>File Ownership</b> menu.<br>Make sure the file is encrypted by right-clicking the file again, clicking <b>Advanced</b> from the <b>General</b> tab, and then clicking <b>Details</b> from the <b>Compress or Encrypt attributes</b> area. The file should show up under the heading, <b>This enterprise domain can remove or revoke access:</b> <em>&lt;your_enterprise_identity&gt;</em>. For example, contoso.com.</li>
+                <li>In File Explorer, right-click the same document, and then click <b>Personal</b> from the <b>File Ownership</b> menu.<br>Make sure the file is decrypted by right-clicking the file again, clicking <b>Advanced</b> from the <b>General</b> tab, and then verifying that the <b>Details</b> button is unavailable.</li>
             </ol>
-            <strong>For mobile:</strong><br><br>
+            <b>For mobile:</b><br><br>
             <ol>
-                <li>Open the File Explorer app, browse to a file location, click the elipsis (...), and then click <strong>Select</strong> to mark at least one file as work-related.</li>
-                <li>Click the elipsis (...) again, click <strong>File ownership</strong> from the drop down menu, and then click <strong>Work</strong>.<br>Make sure the file is encrypted, by locating the <strong>Briefcase</strong> icon next to the file name.</li>
-                <li>Select the same file, click <strong>File ownership</strong> from the drop down menu, and then click <strong>Personal</strong>.<br>Make sure the file is decrypted and that you&#39;re no longer seeing the <strong>Briefcase</strong> icon next to file name.</li>
+                <li>Open the File Explorer app, browse to a file location, click the elipsis (...), and then click <b>Select</b> to mark at least one file as work-related.</li>
+                <li>Click the elipsis (...) again, click <b>File ownership</b> from the drop down menu, and then click <b>Work</b>.<br>Make sure the file is encrypted, by locating the <b>Briefcase</b> icon next to the file name.</li>
+                <li>Select the same file, click <b>File ownership</b> from the drop down menu, and then click <b>Personal</b>.<br>Make sure the file is decrypted and that you&#39;re no longer seeing the <b>Briefcase</b> icon next to file name.</li>
             </ol>
         </td>
     </tr>
     <tr>
         <td>Create work documents in enterprise-allowed apps.</td>
-        <td><strong>For desktop:</strong><br><br>
+        <td><b>For desktop:</b><br><br>
             <ul>
-                <li>Start an unenlightened but allowed app, such as a line-of-business app, and then create a new document, saving your changes.<br>Make sure the document is encrypted to your Enterprise Identity. This might take a few minutes and require you to close and re-open the file.<br><br><strong>Important</strong><br>Certain file types like <code>.exe</code> and <code>.dll</code>, along with certain file paths, such as <code>%windir%</code> and <code>%programfiles%</code> are excluded from automatic encryption.<br><br>For more info about your Enterprise Identity and adding apps to your allowed apps list, see either <a href="create-wip-policy-using-intune-azure.md" data-raw-source="[Create a Windows Information Protection (WIP) policy using Microsoft Intune](create-wip-policy-using-intune-azure.md)">Create a Windows Information Protection (WIP) policy using Microsoft Intune</a> or <a href="create-wip-policy-using-configmgr.md" data-raw-source="[Create a Windows Information Protection (WIP) policy using Microsoft Endpoint Configuration Manager](create-wip-policy-using-configmgr.md)">Create a Windows Information Protection (WIP) policy using Microsoft Endpoint Configuration Manager</a>, based on your deployment system.</li>
+                <li>Start an unenlightened but allowed app, such as a line-of-business app, and then create a new document, saving your changes.<br>Make sure the document is encrypted to your Enterprise Identity. This might take a few minutes and require you to close and re-open the file.<br><br><b>Important</b><br>Certain file types like <code>.exe</code> and <code>.dll</code>, along with certain file paths, such as <code>%windir%</code> and <code>%programfiles%</code> are excluded from automatic encryption.<br><br>For more info about your Enterprise Identity and adding apps to your allowed apps list, see either <a href="create-wip-policy-using-intune-azure.md" data-raw-source="[Create a Windows Information Protection (WIP) policy using Microsoft Intune](create-wip-policy-using-intune-azure.md)">Create a Windows Information Protection (WIP) policy using Microsoft Intune</a> or <a href="create-wip-policy-using-configmgr.md" data-raw-source="[Create a Windows Information Protection (WIP) policy using Microsoft Endpoint Configuration Manager](create-wip-policy-using-configmgr.md)">Create a Windows Information Protection (WIP) policy using Microsoft Endpoint Configuration Manager</a>, based on your deployment system.</li>
             </ul>
-            <strong>For mobile:</strong><br><br>
+            <b>For mobile:</b><br><br>
             <ol>
-                <li>Start an allowed mobile app, such as Word Mobile, create a new document, and then save your changes as <strong>Work</strong> to a local, work-related location.<br>Make sure the document is encrypted, by locating the <strong>Briefcase</strong> icon next to the file name.</li>
+                <li>Start an allowed mobile app, such as Word Mobile, create a new document, and then save your changes as <b>Work</b> to a local, work-related location.<br>Make sure the document is encrypted, by locating the <b>Briefcase</b> icon next to the file name.</li>
                 <li>Open the same document and attempt to save it to a non-work-related location.<br>WIP should stop you from saving the file to this location.</li>
-                <li>Open the same document one last time, make a change to the contents, and then save it again using the <strong>Personal</strong> option.<br>Make sure the file is decrypted and that you&#39;re no longer seeing the <strong>Briefcase</strong> icon next to file name.</li>
+                <li>Open the same document one last time, make a change to the contents, and then save it again using the <b>Personal</b> option.<br>Make sure the file is decrypted and that you&#39;re no longer seeing the <b>Briefcase</b> icon next to file name.</li>
             </ol>
         </td><br/>    </tr>
     <tr>
@@ -70,7 +70,7 @@ You can try any of the processes included in these scenarios, but you should foc
         <td>
             <ol>
                 <li>Start an app that doesn&#39;t appear on your allowed apps list, and then try to open a work-encrypted file.<br>The app shouldn&#39;t be able to access the file.</li>
-                <li>Try double-clicking or tapping on the work-encrypted file.<br>If your default app association is an app not on your allowed apps list, you should get an <strong>Access Denied</strong> error message.</li>
+                <li>Try double-clicking or tapping on the work-encrypted file.<br>If your default app association is an app not on your allowed apps list, you should get an <b>Access Denied</b> error message.</li>
             </ol>
         </td>
     </tr>
@@ -78,9 +78,9 @@ You can try any of the processes included in these scenarios, but you should foc
         <td>Copy and paste from enterprise apps to non-enterprise apps.</td>
         <td>
             <ol>
-                <li>Copy (CTRL+C) content from an app on your allowed apps list, and then try to paste (CTRL+V) the content into an app that doesn&#39;t appear on your allowed apps list.<br>You should see a WIP-related warning box, asking you to click either <strong>Change to personal</strong> or <strong>Keep at work</strong>.</li>
-                <li>Click <strong>Keep at work</strong>.<br>The content isn&#39;t pasted into the non-enterprise app.</li>
-                <li>Repeat Step 1, but this time click <strong>Change to personal</strong>, and try to paste the content again.<br>The content is pasted into the non-enterprise app.</li>
+                <li>Copy (CTRL+C) content from an app on your allowed apps list, and then try to paste (CTRL+V) the content into an app that doesn&#39;t appear on your allowed apps list.<br>You should see a WIP-related warning box, asking you to click either <b>Change to personal</b> or <b>Keep at work</b>.</li>
+                <li>Click <b>Keep at work</b>.<br>The content isn&#39;t pasted into the non-enterprise app.</li>
+                <li>Repeat Step 1, but this time click <b>Change to personal</b>, and try to paste the content again.<br>The content is pasted into the non-enterprise app.</li>
                 <li>Try copying and pasting content between apps on your allowed apps list.<br>The content should copy and paste between apps without any warning messages.</li>
             </ol>
         </td>
@@ -89,9 +89,9 @@ You can try any of the processes included in these scenarios, but you should foc
         <td>Drag and drop from enterprise apps to non-enterprise apps.</td>
         <td>
             <ol>
-                <li>Drag content from an app on your allowed apps list, and then try to drop the content into an app that doesn&#39;t appear on your allowed apps list.<br>You should see a WIP-related warning box, asking you to click either <strong>Keep at work</strong> or <strong>Change to personal</strong>.</li>
-                <li>Click <strong>Keep at work</strong>.<br>The content isn&#39;t dropped into the non-enterprise app.</li>
-                <li>Repeat Step 1, but this time click <strong>Change to personal</strong>, and try to drop the content again.<br>The content is dropped into the non-enterprise app.</li>
+                <li>Drag content from an app on your allowed apps list, and then try to drop the content into an app that doesn&#39;t appear on your allowed apps list.<br>You should see a WIP-related warning box, asking you to click either <b>Keep at work</b> or <b>Change to personal</b>.</li>
+                <li>Click <b>Keep at work</b>.<br>The content isn&#39;t dropped into the non-enterprise app.</li>
+                <li>Repeat Step 1, but this time click <b>Change to personal</b>, and try to drop the content again.<br>The content is dropped into the non-enterprise app.</li>
                 <li>Try dragging and dropping content between apps on your allowed apps list.<br>The content should move between the apps without any warning messages.</li>
             </ol>
         </td>
@@ -100,9 +100,9 @@ You can try any of the processes included in these scenarios, but you should foc
         <td>Share between enterprise apps and non-enterprise apps.</td>
         <td>
             <ol>
-                <li>Open an app on your allowed apps list, like Microsoft Photos, and try to share content with an app that doesn&#39;t appear on your allowed apps list, like Facebook.<br>You should see a WIP-related warning box, asking you to click either <strong>Keep at work</strong> or <strong>Change to personal</strong>.</li>
-                <li>Click <strong>Keep at work</strong>.<br>The content isn&#39;t shared into Facebook.</li>
-                <li>Repeat Step 1, but this time click <strong>Change to personal</strong>, and try to share the content again.<br>The content is shared into Facebook.</li>
+                <li>Open an app on your allowed apps list, like Microsoft Photos, and try to share content with an app that doesn&#39;t appear on your allowed apps list, like Facebook.<br>You should see a WIP-related warning box, asking you to click either <b>Keep at work</b> or <b>Change to personal</b>.</li>
+                <li>Click <b>Keep at work</b>.<br>The content isn&#39;t shared into Facebook.</li>
+                <li>Repeat Step 1, but this time click <b>Change to personal</b>, and try to share the content again.<br>The content is shared into Facebook.</li>
                 <li>Try sharing content between apps on your allowed apps list.<br>The content should share between the apps without any warning messages.</li>
             </ol>
         </td>
@@ -112,8 +112,8 @@ You can try any of the processes included in these scenarios, but you should foc
         <td>
             <ol>
                 <li>Start Windows Journal and Internet Explorer 11, creating, editing, and saving files in both apps.<br>Make sure that all of the files you worked with are encrypted to your configured Enterprise Identity. In some cases, you might need to close the file and wait a few moments for it to be automatically encrypted.</li>
-                <li>Open File Explorer and make sure your modified files are appearing with a <strong>Lock</strong> icon.</li>
-                <li>Try copying and pasting, dragging and dropping, and sharing using these apps with other apps that appear both on and off the allowed apps list.<br><br><strong>Note</strong><br>Most Windows-signed components like File Explorer (when running in the user's context), should have access to enterprise data.<br><br>A few notable exceptions include some of the user-facing in-box apps, like Wordpad, Notepad, and Microsoft Paint. These apps don&#39;t have access by default, but can be added to your allowed apps list.</li>
+                <li>Open File Explorer and make sure your modified files are appearing with a <b>Lock</b> icon.</li>
+                <li>Try copying and pasting, dragging and dropping, and sharing using these apps with other apps that appear both on and off the allowed apps list.<br><br><b>Note</b><br>Most Windows-signed components like File Explorer (when running in the user's context), should have access to enterprise data.<br><br>A few notable exceptions include some of the user-facing in-box apps, like Wordpad, Notepad, and Microsoft Paint. These apps don&#39;t have access by default, but can be added to your allowed apps list.</li>
             </ol>
         </td>
     </tr>
@@ -130,7 +130,7 @@ You can try any of the processes included in these scenarios, but you should foc
         <td>Verify your shared files can use WIP.</td>
         <td>
             <ol>
-                <li>Download a file from a protected file share, making sure the file is encrypted by locating the <strong>Briefcase</strong> icon next to the file name.</li>
+                <li>Download a file from a protected file share, making sure the file is encrypted by locating the <b>Briefcase</b> icon next to the file name.</li>
                 <li>Open the same file, make a change, save it and then try to upload it back to the file share. Again, this should work without any warnings.</li>
                 <li>Open an app that doesn&#39;t appear on your allowed apps list and attempt to access a file on the WIP-enabled file share.<br>The app shouldn&#39;t be able to access the file share.</li>
             </ol>
@@ -142,7 +142,7 @@ You can try any of the processes included in these scenarios, but you should foc
             <ol>
                 <li>Add both Internet Explorer 11 and Microsoft Edge to your allowed apps list.</li>
                 <li>Open SharePoint (or another cloud resource that&#39;s part of your policy) and access a WIP-enabled resource by using both IE11 and Microsoft Edge.<br>Both browsers should respect the enterprise and personal boundary.</li>
-                <li>Remove Internet Explorer 11 from your allowed app list and then try to access an intranet site or enterprise-related cloud resource.<br>IE11 shouldn&#39;t be able to access the sites.<br><br><strong>Note</strong><br>Any file downloaded from your work SharePoint site, or any other WIP-enabled cloud resource, is automatically marked as <strong>Work</strong>.</li>
+                <li>Remove Internet Explorer 11 from your allowed app list and then try to access an intranet site or enterprise-related cloud resource.<br>IE11 shouldn&#39;t be able to access the sites.<br><br><b>Note</b><br>Any file downloaded from your work SharePoint site, or any other WIP-enabled cloud resource, is automatically marked as <b>Work</b>.</li>
             </ol>
         </td>
     </tr>
@@ -150,7 +150,7 @@ You can try any of the processes included in these scenarios, but you should foc
         <td>Verify your Virtual Private Network (VPN) can be auto-triggered.</td>
         <td>
             <ol>
-                <li>Set up your VPN network to start based on the <strong>WIPModeID</strong> setting.<br>For specific info about how to do this, see the <a href="create-vpn-and-wip-policy-using-intune-azure.md" data-raw-source="[Create and deploy a VPN policy for Windows Information Protection (WIP) using Microsoft Intune](create-vpn-and-wip-policy-using-intune-azure.md)">Create and deploy a VPN policy for Windows Information Protection (WIP) using Microsoft Intune</a> topic.</li>
+                <li>Set up your VPN network to start based on the <b>WIPModeID</b> setting.<br>For specific info about how to do this, see the <a href="create-vpn-and-wip-policy-using-intune-azure.md" data-raw-source="[Create and deploy a VPN policy for Windows Information Protection (WIP) using Microsoft Intune](create-vpn-and-wip-policy-using-intune-azure.md)">Create and deploy a VPN policy for Windows Information Protection (WIP) using Microsoft Intune</a> topic.</li>
                 <li>Start an app from your allowed apps list.<br>The VPN network should automatically start.</li>
                 <li>Disconnect from your network and then start an app that isn&#39;t on your allowed apps list.<br>The VPN shouldn&#39;t start and the app shouldn&#39;t be able to access your enterprise network.</li>
             </ol>
@@ -160,7 +160,7 @@ You can try any of the processes included in these scenarios, but you should foc
         <td>Unenroll client devices from WIP.</td>
         <td>
             <ul>
-                <li>Unenroll a device from WIP by going to <strong>Settings</strong>, click <strong>Accounts</strong>, click <strong>Work</strong>, click the name of the device you want to unenroll, and then click <strong>Remove</strong>.<br>The device should be removed and all of the enterprise content for that managed account should be gone.<br><br><strong>Important</strong><br>On desktop devices, the data isn&#39;t removed and can be recovered, so you must make sure the content is marked as <strong>Revoked</strong> and that access is denied for the employee. On mobile devices, the data is removed.</li>
+                <li>Unenroll a device from WIP by going to <b>Settings</b>, click <b>Accounts</b>, click <b>Work</b>, click the name of the device you want to unenroll, and then click <b>Remove</b>.<br>The device should be removed and all of the enterprise content for that managed account should be gone.<br><br><b>Important</b><br>On desktop devices, the data isn&#39;t removed and can be recovered, so you must make sure the content is marked as <b>Revoked</b> and that access is denied for the employee. On mobile devices, the data is removed.</li>
             </ul>
         </td>
     </tr>
diff --git a/windows/security/threat-protection/auditing/event-4626.md b/windows/security/threat-protection/auditing/event-4626.md
index d0474f5941..4289b8d65a 100644
--- a/windows/security/threat-protection/auditing/event-4626.md
+++ b/windows/security/threat-protection/auditing/event-4626.md
@@ -157,7 +157,7 @@ This event generates on the computer to which the logon was performed (target co
 
     -   “dadmin” – claim value.
 
-**Device Claims** \[Type = UnicodeString\]**:** list of device claims for new logon session. For user accounts this field typically has “**-**“ value<strong>.</strong> For computer accounts this field has device claims listed.
+**Device Claims** \[Type = UnicodeString\]**:** list of device claims for new logon session. For user accounts this field typically has “**-**“ value<b>.</b> For computer accounts this field has device claims listed.
 
 ## Security Monitoring Recommendations
 
diff --git a/windows/security/threat-protection/auditing/event-4670.md b/windows/security/threat-protection/auditing/event-4670.md
index 45dcd000c9..bc6d20907b 100644
--- a/windows/security/threat-protection/auditing/event-4670.md
+++ b/windows/security/threat-protection/auditing/event-4670.md
@@ -274,5 +274,5 @@ For file system and registry objects, the following recommendations apply.
 
 - If you have critical registry objects for which you need to monitor all modifications (especially permissions changes and owner changes), monitor for the specific **Object\\Object Name.**
 
-- If you have high-value computers for which you need to monitor all changes for all or specific objects (for example, file system or registry objects), monitor for all [4670](event-4670.md) events on these computers<strong>.</strong> For example, you could monitor the **ntds.dit** file on domain controllers.
+- If you have high-value computers for which you need to monitor all changes for all or specific objects (for example, file system or registry objects), monitor for all [4670](event-4670.md) events on these computers<b>.</b> For example, you could monitor the **ntds.dit** file on domain controllers.
 
diff --git a/windows/security/threat-protection/auditing/event-4672.md b/windows/security/threat-protection/auditing/event-4672.md
index 1641acbc10..81b9fd94a0 100644
--- a/windows/security/threat-protection/auditing/event-4672.md
+++ b/windows/security/threat-protection/auditing/event-4672.md
@@ -22,7 +22,7 @@ ms.author: dansimp
 
 <img src="images/event-4672.png" alt="Event 4672 illustration" width="449" height="503" hspace="10" align="left" />
 </br>
-<strong><em>Subcategory:</em></strong>&nbsp;<a href="audit-special-logon.md" data-raw-source="[Audit Special Logon](audit-special-logon.md)">Audit Special Logon</a>
+<b><em>Subcategory:</em></b>&nbsp;<a href="audit-special-logon.md" data-raw-source="[Audit Special Logon](audit-special-logon.md)">Audit Special Logon</a>
 
 ***Event Description:***
 
diff --git a/windows/security/threat-protection/auditing/event-4673.md b/windows/security/threat-protection/auditing/event-4673.md
index 1caa24d32d..dc2d0e52fe 100644
--- a/windows/security/threat-protection/auditing/event-4673.md
+++ b/windows/security/threat-protection/auditing/event-4673.md
@@ -135,40 +135,40 @@ Failure event generates when service call attempt fails.
 
 |     **Subcategory of event**      |                        **Privilege Name: <br>User Right Group Policy Name**                         |                                                                                                                                                                                           **Description**                                                                                                                                                                                           |
 |-----------------------------------|-----------------------------------------------------------------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
-| Audit Non Sensitive Privilege Use |               <strong>SeChangeNotifyPrivilege: <br></strong>Bypass traverse checking                | Required to receive notifications of changes to files or directories. This privilege also causes the system to skip all traversal access checks. <br>With this privilege, the user can traverse directory trees even though the user may not have permissions on the traversed directory. This privilege does not allow the user to list the contents of a directory, only to traverse directories. |
-| Audit Non Sensitive Privilege Use |                 <strong>SeCreateGlobalPrivilege: <br></strong>Create global objects                 |                                                                                                                                              Required to create named file mapping objects in the global namespace during Terminal Services sessions.                                                                                                                                               |
-| Audit Non Sensitive Privilege Use |                  <strong>SeCreatePagefilePrivilege: <br></strong>Create a pagefile                  |                                                                                                                                                             With this privilege, the user can create and change the size of a pagefile.                                                                                                                                                             |
-| Audit Non Sensitive Privilege Use |          <strong>SeCreatePermanentPrivilege: <br></strong>Create permanent shared objects           |                                                                Required to create a permanent object. <br>This privilege is useful to kernel-mode components that extend the object namespace. Components that are running in kernel mode already have this privilege inherently; it is not necessary to assign them the privilege.                                                                 |
-| Audit Non Sensitive Privilege Use |              <strong>SeCreateSymbolicLinkPrivilege: <br></strong>Create symbolic links              |                                                                                                                                                                                 Required to create a symbolic link.                                                                                                                                                                                 |
-| Audit Non Sensitive Privilege Use |         <strong>SeIncreaseBasePriorityPrivilege: <br></strong>Increase scheduling priority          |                            Required to increase the base priority of a process. <br>With this privilege, the user can use a process with Write property access to another process to increase the execution priority assigned to the other process. A user with this privilege can change the scheduling priority of a process through the Task Manager user interface.                             |
-| Audit Non Sensitive Privilege Use |          <strong>SeIncreaseQuotaPrivilege: <br></strong>Adjust memory quotas for a process          |                                                                                                                      Required to increase the quota assigned to a process. <br>With this privilege, the user can change the maximum memory that can be consumed by a process.                                                                                                                       |
-| Audit Non Sensitive Privilege Use |         <strong>SeIncreaseWorkingSetPrivilege: <br></strong>Increase a process working set          |                                                                                                                                                         Required to allocate more memory for applications that run in the context of users.                                                                                                                                                         |
-| Audit Non Sensitive Privilege Use |                  <strong>SeLockMemoryPrivilege: <br></strong>Lock pages in memory                   |                         Required to lock physical pages in memory. <br>With this privilege, the user can use a process to keep data in physical memory, which prevents the system from paging the data to virtual memory on disk. Exercising this privilege could significantly affect system performance by decreasing the amount of available random access memory (RAM).                         |
-| Audit Non Sensitive Privilege Use |             <strong>SeMachineAccountPrivilege: <br></strong>Add workstations to domain              |                                                                                                                                        With this privilege, the user can create a computer account. <br>This privilege is valid only on domain controllers.                                                                                                                                         |
-| Audit Non Sensitive Privilege Use |           <strong>SeManageVolumePrivilege: <br></strong>Perform volume maintenance tasks            |                                                                                                                                                           Required to run maintenance tasks on a volume, such as remote defragmentation.                                                                                                                                                            |
-| Audit Non Sensitive Privilege Use |            <strong>SeProfileSingleProcessPrivilege: <br></strong>Profile single process             |                                                                                                      Required to gather profiling information for a single process. <br>With this privilege, the user can use performance monitoring tools to monitor the performance of non-system processes.                                                                                                      |
-| Audit Non Sensitive Privilege Use |                   <strong>SeRelabelPrivilege: <br></strong>Modify an object label                   |                                                                                                                                                                   Required to modify the mandatory integrity level of an object.                                                                                                                                                                    |
-| Audit Non Sensitive Privilege Use |         <strong>SeRemoteShutdownPrivilege: <br></strong>Force shutdown from a remote system         |                                                                                                                                                                       Required to shut down a system using a network request.                                                                                                                                                                       |
-| Audit Non Sensitive Privilege Use |                   <strong>SeShutdownPrivilege: <br></strong>Shut down the system                    |                                                                                                                                                                                Required to shut down a local system.                                                                                                                                                                                |
-| Audit Non Sensitive Privilege Use |            <strong>SeSyncAgentPrivilege: <br></strong>Synchronize directory service data            |      This privilege enables the holder to read all objects and properties in the directory, regardless of the protection on the objects and properties. By default, it is assigned to the Administrator and LocalSystem accounts on domain controllers. <br>With this privilege, the user can synchronize all directory service data. This is also known as Active Directory synchronization.       |
-| Audit Non Sensitive Privilege Use |              <strong>SeSystemProfilePrivilege: <br></strong>Profile system performance              |                                                                                                       Required to gather profiling information for the entire system. <br>With this privilege, the user can use performance monitoring tools to monitor the performance of system processes.                                                                                                        |
-| Audit Non Sensitive Privilege Use |                 <strong>SeSystemtimePrivilege: <br></strong>Change the system time                  |                     Required to modify the system time. With this privilege, the user can change the time and date on the internal clock of the computer. Users that are assigned this user right can affect the appearance of event logs. <br>If the system time is changed, events that are logged will reflect this new time, not the actual time that the events occurred.                      |
-| Audit Non Sensitive Privilege Use |                   <strong>SeTimeZonePrivilege: <br></strong>Change the time zone                    |                                                                                                                                                           Required to adjust the time zone associated with the computer's internal clock.                                                                                                                                                           |
-| Audit Non Sensitive Privilege Use | <strong>SeTrustedCredManAccessPrivilege: <br></strong>Access Credential Manager as a trusted caller |                                                                                                                                                                     Required to access Credential Manager as a trusted caller.                                                                                                                                                                      |
-| Audit Non Sensitive Privilege Use |            <strong>SeUndockPrivilege: <br></strong>Remove computer from docking station             |                                                                                                                             Required to undock a laptop. <br>With this privilege, the user can undock a portable computer from its docking station without logging on.                                                                                                                              |
+| Audit Non Sensitive Privilege Use |               <b>SeChangeNotifyPrivilege: <br></b>Bypass traverse checking                | Required to receive notifications of changes to files or directories. This privilege also causes the system to skip all traversal access checks. <br>With this privilege, the user can traverse directory trees even though the user may not have permissions on the traversed directory. This privilege does not allow the user to list the contents of a directory, only to traverse directories. |
+| Audit Non Sensitive Privilege Use |                 <b>SeCreateGlobalPrivilege: <br></b>Create global objects                 |                                                                                                                                              Required to create named file mapping objects in the global namespace during Terminal Services sessions.                                                                                                                                               |
+| Audit Non Sensitive Privilege Use |                  <b>SeCreatePagefilePrivilege: <br></b>Create a pagefile                  |                                                                                                                                                             With this privilege, the user can create and change the size of a pagefile.                                                                                                                                                             |
+| Audit Non Sensitive Privilege Use |          <b>SeCreatePermanentPrivilege: <br></b>Create permanent shared objects           |                                                                Required to create a permanent object. <br>This privilege is useful to kernel-mode components that extend the object namespace. Components that are running in kernel mode already have this privilege inherently; it is not necessary to assign them the privilege.                                                                 |
+| Audit Non Sensitive Privilege Use |              <b>SeCreateSymbolicLinkPrivilege: <br></b>Create symbolic links              |                                                                                                                                                                                 Required to create a symbolic link.                                                                                                                                                                                 |
+| Audit Non Sensitive Privilege Use |         <b>SeIncreaseBasePriorityPrivilege: <br></b>Increase scheduling priority          |                            Required to increase the base priority of a process. <br>With this privilege, the user can use a process with Write property access to another process to increase the execution priority assigned to the other process. A user with this privilege can change the scheduling priority of a process through the Task Manager user interface.                             |
+| Audit Non Sensitive Privilege Use |          <b>SeIncreaseQuotaPrivilege: <br></b>Adjust memory quotas for a process          |                                                                                                                      Required to increase the quota assigned to a process. <br>With this privilege, the user can change the maximum memory that can be consumed by a process.                                                                                                                       |
+| Audit Non Sensitive Privilege Use |         <b>SeIncreaseWorkingSetPrivilege: <br></b>Increase a process working set          |                                                                                                                                                         Required to allocate more memory for applications that run in the context of users.                                                                                                                                                         |
+| Audit Non Sensitive Privilege Use |                  <b>SeLockMemoryPrivilege: <br></b>Lock pages in memory                   |                         Required to lock physical pages in memory. <br>With this privilege, the user can use a process to keep data in physical memory, which prevents the system from paging the data to virtual memory on disk. Exercising this privilege could significantly affect system performance by decreasing the amount of available random access memory (RAM).                         |
+| Audit Non Sensitive Privilege Use |             <b>SeMachineAccountPrivilege: <br></b>Add workstations to domain              |                                                                                                                                        With this privilege, the user can create a computer account. <br>This privilege is valid only on domain controllers.                                                                                                                                         |
+| Audit Non Sensitive Privilege Use |           <b>SeManageVolumePrivilege: <br></b>Perform volume maintenance tasks            |                                                                                                                                                           Required to run maintenance tasks on a volume, such as remote defragmentation.                                                                                                                                                            |
+| Audit Non Sensitive Privilege Use |            <b>SeProfileSingleProcessPrivilege: <br></b>Profile single process             |                                                                                                      Required to gather profiling information for a single process. <br>With this privilege, the user can use performance monitoring tools to monitor the performance of non-system processes.                                                                                                      |
+| Audit Non Sensitive Privilege Use |                   <b>SeRelabelPrivilege: <br></b>Modify an object label                   |                                                                                                                                                                   Required to modify the mandatory integrity level of an object.                                                                                                                                                                    |
+| Audit Non Sensitive Privilege Use |         <b>SeRemoteShutdownPrivilege: <br></b>Force shutdown from a remote system         |                                                                                                                                                                       Required to shut down a system using a network request.                                                                                                                                                                       |
+| Audit Non Sensitive Privilege Use |                   <b>SeShutdownPrivilege: <br></b>Shut down the system                    |                                                                                                                                                                                Required to shut down a local system.                                                                                                                                                                                |
+| Audit Non Sensitive Privilege Use |            <b>SeSyncAgentPrivilege: <br></b>Synchronize directory service data            |      This privilege enables the holder to read all objects and properties in the directory, regardless of the protection on the objects and properties. By default, it is assigned to the Administrator and LocalSystem accounts on domain controllers. <br>With this privilege, the user can synchronize all directory service data. This is also known as Active Directory synchronization.       |
+| Audit Non Sensitive Privilege Use |              <b>SeSystemProfilePrivilege: <br></b>Profile system performance              |                                                                                                       Required to gather profiling information for the entire system. <br>With this privilege, the user can use performance monitoring tools to monitor the performance of system processes.                                                                                                        |
+| Audit Non Sensitive Privilege Use |                 <b>SeSystemtimePrivilege: <br></b>Change the system time                  |                     Required to modify the system time. With this privilege, the user can change the time and date on the internal clock of the computer. Users that are assigned this user right can affect the appearance of event logs. <br>If the system time is changed, events that are logged will reflect this new time, not the actual time that the events occurred.                      |
+| Audit Non Sensitive Privilege Use |                   <b>SeTimeZonePrivilege: <br></b>Change the time zone                    |                                                                                                                                                           Required to adjust the time zone associated with the computer's internal clock.                                                                                                                                                           |
+| Audit Non Sensitive Privilege Use | <b>SeTrustedCredManAccessPrivilege: <br></b>Access Credential Manager as a trusted caller |                                                                                                                                                                     Required to access Credential Manager as a trusted caller.                                                                                                                                                                      |
+| Audit Non Sensitive Privilege Use |            <b>SeUndockPrivilege: <br></b>Remove computer from docking station             |                                                                                                                             Required to undock a laptop. <br>With this privilege, the user can undock a portable computer from its docking station without logging on.                                                                                                                              |
 
 |   **Subcategory of event**    |                               **Privilege Name: <br>User Right Group Policy Name**                               |                                                                                                                                                                                                                                                                                                        **Description**                                                                                                                                                                                                                                                                                                         |
 |-------------------------------|------------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
-| Audit Sensitive Privilege Use |                <strong>SeAssignPrimaryTokenPrivilege: <br></strong>Replace a process-level token                 |                                                                                                                                                                     Required to assign the [*primary token*](https://msdn.microsoft.com/library/windows/desktop/ms721603(v=vs.85).aspx#_security_primary_token_gly) of a process. With this privilege, the user can initiate a process to replace the default token associated with a started subprocess.                                                                                                                                                                      |
-| Audit Sensitive Privilege Use |                         <strong>SeAuditPrivilege: <br></strong>Generate security audits                          |                                                                                                                                                                                                                                                                               With this privilege, the user can add entries to the security log.                                                                                                                                                                                                                                                                               |
-| Audit Sensitive Privilege Use |                        <strong>SeCreateTokenPrivilege: <br></strong>Create a token object                        |                                                                                                                         Allows a process to create a token which it can then use to get access to any local resources when the process uses NtCreateToken() or other token-creation APIs. When a process requires this privilege, we recommend using the LocalSystem account (which already includes the privilege), rather than creating a separate user account and assigning this privilege to it.                                                                                                                          |
-| Audit Sensitive Privilege Use |                              <strong>SeDebugPrivilege: <br></strong>Debug programs                               |                                                                                                 Required to debug and adjust the memory of a process owned by another account. With this privilege, the user can attach a debugger to any process or to the kernel. Developers who are debugging their own applications do not need this user right. Developers who are debugging new system components need this user right. This user right provides complete access to sensitive and critical operating system components.                                                                                                  |
-| Audit Sensitive Privilege Use |              <strong>SeImpersonatePrivilege: <br></strong>Impersonate a client after authentication              |                                                                                                                                                                                                                                                                                 With this privilege, the user can impersonate other accounts.                                                                                                                                                                                                                                                                                  |
-| Audit Sensitive Privilege Use |                    <strong>SeLoadDriverPrivilege: <br></strong>Load and unload device drivers                    |                                                                                                                                                                                                   Required to load or unload a device driver. With this privilege, the user can dynamically load and unload device drivers or other code in to kernel mode. This user right does not apply to Plug and Play device drivers.                                                                                                                                                                                                    |
-| Audit Sensitive Privilege Use |                         <strong>SeLockMemoryPrivilege: <br></strong>Lock pages in memory                         |                                                                                                                                        Required to lock physical pages in memory. With this privilege, the user can use a process to keep data in physical memory, which prevents the system from paging the data to virtual memory on disk. Exercising this privilege could significantly affect system performance by decreasing the amount of available random access memory (RAM).                                                                                                                                         |
-| Audit Sensitive Privilege Use |              <strong>SeSystemEnvironmentPrivilege: <br></strong>Modify firmware environment values               |                                                                                                                                                                                                                                                       Required to modify the nonvolatile RAM of systems that use this type of memory to store configuration information.                                                                                                                                                                                                                                                       |
-| Audit Sensitive Privilege Use |                     <strong>SeTcbPrivilege: <br></strong>Act as part of the operating system                     |                                                                                                                                                                                          This privilege identifies its holder as part of the trusted computer base. This user right allows a process to impersonate any user without authentication. The process can therefore gain access to the same local resources as that user.                                                                                                                                                                                           |
-| Audit Sensitive Privilege Use | <strong>SeEnableDelegationPrivilege: <br></strong>Enable computer and user accounts to be trusted for delegation | Required to mark user and computer accounts as trusted for delegation. With this privilege, the user can set the **Trusted for Deleg**ation setting on a user or computer object. The user or object that is granted this privilege must have write access to the account control flags on the user or computer object. A server process running on a computer (or under a user context) that is trusted for delegation can access resources on another computer using the delegated credentials of a client, as long as the account of the client does not have the **Account cannot be delegated** account control flag set. |
+| Audit Sensitive Privilege Use |                <b>SeAssignPrimaryTokenPrivilege: <br></b>Replace a process-level token                 |                                                                                                                                                                     Required to assign the [*primary token*](https://msdn.microsoft.com/library/windows/desktop/ms721603(v=vs.85).aspx#_security_primary_token_gly) of a process. With this privilege, the user can initiate a process to replace the default token associated with a started subprocess.                                                                                                                                                                      |
+| Audit Sensitive Privilege Use |                         <b>SeAuditPrivilege: <br></b>Generate security audits                          |                                                                                                                                                                                                                                                                               With this privilege, the user can add entries to the security log.                                                                                                                                                                                                                                                                               |
+| Audit Sensitive Privilege Use |                        <b>SeCreateTokenPrivilege: <br></b>Create a token object                        |                                                                                                                         Allows a process to create a token which it can then use to get access to any local resources when the process uses NtCreateToken() or other token-creation APIs. When a process requires this privilege, we recommend using the LocalSystem account (which already includes the privilege), rather than creating a separate user account and assigning this privilege to it.                                                                                                                          |
+| Audit Sensitive Privilege Use |                              <b>SeDebugPrivilege: <br></b>Debug programs                               |                                                                                                 Required to debug and adjust the memory of a process owned by another account. With this privilege, the user can attach a debugger to any process or to the kernel. Developers who are debugging their own applications do not need this user right. Developers who are debugging new system components need this user right. This user right provides complete access to sensitive and critical operating system components.                                                                                                  |
+| Audit Sensitive Privilege Use |              <b>SeImpersonatePrivilege: <br></b>Impersonate a client after authentication              |                                                                                                                                                                                                                                                                                 With this privilege, the user can impersonate other accounts.                                                                                                                                                                                                                                                                                  |
+| Audit Sensitive Privilege Use |                    <b>SeLoadDriverPrivilege: <br></b>Load and unload device drivers                    |                                                                                                                                                                                                   Required to load or unload a device driver. With this privilege, the user can dynamically load and unload device drivers or other code in to kernel mode. This user right does not apply to Plug and Play device drivers.                                                                                                                                                                                                    |
+| Audit Sensitive Privilege Use |                         <b>SeLockMemoryPrivilege: <br></b>Lock pages in memory                         |                                                                                                                                        Required to lock physical pages in memory. With this privilege, the user can use a process to keep data in physical memory, which prevents the system from paging the data to virtual memory on disk. Exercising this privilege could significantly affect system performance by decreasing the amount of available random access memory (RAM).                                                                                                                                         |
+| Audit Sensitive Privilege Use |              <b>SeSystemEnvironmentPrivilege: <br></b>Modify firmware environment values               |                                                                                                                                                                                                                                                       Required to modify the nonvolatile RAM of systems that use this type of memory to store configuration information.                                                                                                                                                                                                                                                       |
+| Audit Sensitive Privilege Use |                     <b>SeTcbPrivilege: <br></b>Act as part of the operating system                     |                                                                                                                                                                                          This privilege identifies its holder as part of the trusted computer base. This user right allows a process to impersonate any user without authentication. The process can therefore gain access to the same local resources as that user.                                                                                                                                                                                           |
+| Audit Sensitive Privilege Use | <b>SeEnableDelegationPrivilege: <br></b>Enable computer and user accounts to be trusted for delegation | Required to mark user and computer accounts as trusted for delegation. With this privilege, the user can set the **Trusted for Deleg**ation setting on a user or computer object. The user or object that is granted this privilege must have write access to the account control flags on the user or computer object. A server process running on a computer (or under a user context) that is trusted for delegation can access resources on another computer using the delegated credentials of a client, as long as the account of the client does not have the **Account cannot be delegated** account control flag set. |
 
 ## Security Monitoring Recommendations
 
diff --git a/windows/security/threat-protection/auditing/event-4674.md b/windows/security/threat-protection/auditing/event-4674.md
index b4146f681a..5781254277 100644
--- a/windows/security/threat-protection/auditing/event-4674.md
+++ b/windows/security/threat-protection/auditing/event-4674.md
@@ -157,42 +157,42 @@ Failure event generates when operation attempt fails.
 
 |     **Subcategory of event**      |                        **Privilege Name: <br>User Right Group Policy Name**                         |                                                                                                                                                                                           **Description**                                                                                                                                                                                           |
 |-----------------------------------|-----------------------------------------------------------------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
-| Audit Non Sensitive Privilege Use |               <strong>SeChangeNotifyPrivilege: <br></strong>Bypass traverse checking                | Required to receive notifications of changes to files or directories. This privilege also causes the system to skip all traversal access checks. <br>With this privilege, the user can traverse directory trees even though the user may not have permissions on the traversed directory. This privilege does not allow the user to list the contents of a directory, only to traverse directories. |
-| Audit Non Sensitive Privilege Use |                 <strong>SeCreateGlobalPrivilege: <br></strong>Create global objects                 |                                                                                                                                              Required to create named file mapping objects in the global namespace during Terminal Services sessions.                                                                                                                                               |
-| Audit Non Sensitive Privilege Use |                  <strong>SeCreatePagefilePrivilege: <br></strong>Create a pagefile                  |                                                                                                                                                             With this privilege, the user can create and change the size of a pagefile.                                                                                                                                                             |
-| Audit Non Sensitive Privilege Use |          <strong>SeCreatePermanentPrivilege: <br></strong>Create permanent shared objects           |                                                                Required to create a permanent object. <br>This privilege is useful to kernel-mode components that extend the object namespace. Components that are running in kernel mode already have this privilege inherently; it is not necessary to assign them the privilege.                                                                 |
-| Audit Non Sensitive Privilege Use |              <strong>SeCreateSymbolicLinkPrivilege: <br></strong>Create symbolic links              |                                                                                                                                                                                 Required to create a symbolic link.                                                                                                                                                                                 |
-| Audit Non Sensitive Privilege Use |         <strong>SeIncreaseBasePriorityPrivilege: <br></strong>Increase scheduling priority          |                             Required to increase the base priority of a process.<br>With this privilege, the user can use a process with Write property access to another process to increase the execution priority assigned to the other process. A user with this privilege can change the scheduling priority of a process through the Task Manager user interface.                             |
-| Audit Non Sensitive Privilege Use |          <strong>SeIncreaseQuotaPrivilege: <br></strong>Adjust memory quotas for a process          |                                                                                                                      Required to increase the quota assigned to a process. <br>With this privilege, the user can change the maximum memory that can be consumed by a process.                                                                                                                       |
-| Audit Non Sensitive Privilege Use |         <strong>SeIncreaseWorkingSetPrivilege: <br></strong>Increase a process working set          |                                                                                                                                                         Required to allocate more memory for applications that run in the context of users.                                                                                                                                                         |
-| Audit Non Sensitive Privilege Use |                  <strong>SeLockMemoryPrivilege: <br></strong>Lock pages in memory                   |                         Required to lock physical pages in memory. <br>With this privilege, the user can use a process to keep data in physical memory, which prevents the system from paging the data to virtual memory on disk. Exercising this privilege could significantly affect system performance by decreasing the amount of available random access memory (RAM).                         |
-| Audit Non Sensitive Privilege Use |             <strong>SeMachineAccountPrivilege: <br></strong>Add workstations to domain              |                                                                                                                                          With this privilege, the user can create a computer account. This privilege is valid only on domain controllers.                                                                                                                                           |
-| Audit Non Sensitive Privilege Use |           <strong>SeManageVolumePrivilege: <br></strong>Perform volume maintenance tasks            |                                                                                                                                                           Required to run maintenance tasks on a volume, such as remote defragmentation.                                                                                                                                                            |
-| Audit Non Sensitive Privilege Use |            <strong>SeProfileSingleProcessPrivilege: <br></strong>Profile single process             |                                                                                                      Required to gather profiling information for a single process. <br>With this privilege, the user can use performance monitoring tools to monitor the performance of non-system processes.                                                                                                      |
-| Audit Non Sensitive Privilege Use |                   <strong>SeRelabelPrivilege: <br></strong>Modify an object label                   |                                                                                                                                                                   Required to modify the mandatory integrity level of an object.                                                                                                                                                                    |
-| Audit Non Sensitive Privilege Use |         <strong>SeRemoteShutdownPrivilege: <br></strong>Force shutdown from a remote system         |                                                                                                                                                                       Required to shut down a system using a network request.                                                                                                                                                                       |
-| Audit Non Sensitive Privilege Use |                   <strong>SeShutdownPrivilege: <br></strong>Shut down the system                    |                                                                                                                                                                                Required to shut down a local system.                                                                                                                                                                                |
-| Audit Non Sensitive Privilege Use |            <strong>SeSyncAgentPrivilege: <br></strong>Synchronize directory service data            |      This privilege enables the holder to read all objects and properties in the directory, regardless of the protection on the objects and properties. By default, it is assigned to the Administrator and LocalSystem accounts on domain controllers. <br>With this privilege, the user can synchronize all directory service data. This is also known as Active Directory synchronization.       |
-| Audit Non Sensitive Privilege Use |              <strong>SeSystemProfilePrivilege: <br></strong>Profile system performance              |                                                                                                       Required to gather profiling information for the entire system. <br>With this privilege, the user can use performance monitoring tools to monitor the performance of system processes.                                                                                                        |
-| Audit Non Sensitive Privilege Use |                 <strong>SeSystemtimePrivilege: <br></strong>Change the system time                  |                     Required to modify the system time. <br>With this privilege, the user can change the time and date on the internal clock of the computer. Users that are assigned this user right can affect the appearance of event logs. If the system time is changed, events that are logged will reflect this new time, not the actual time that the events occurred.                      |
-| Audit Non Sensitive Privilege Use |                   <strong>SeTimeZonePrivilege: <br></strong>Change the time zone                    |                                                                                                                                                           Required to adjust the time zone associated with the computer's internal clock.                                                                                                                                                           |
-| Audit Non Sensitive Privilege Use | <strong>SeTrustedCredManAccessPrivilege: <br></strong>Access Credential Manager as a trusted caller |                                                                                                                                                                     Required to access Credential Manager as a trusted caller.                                                                                                                                                                      |
-| Audit Non Sensitive Privilege Use |            <strong>SeUndockPrivilege: <br></strong>Remove computer from docking station             |                                                                                                                             Required to undock a laptop. <br>With this privilege, the user can undock a portable computer from its docking station without logging on.                                                                                                                              |
+| Audit Non Sensitive Privilege Use |               <b>SeChangeNotifyPrivilege: <br></b>Bypass traverse checking                | Required to receive notifications of changes to files or directories. This privilege also causes the system to skip all traversal access checks. <br>With this privilege, the user can traverse directory trees even though the user may not have permissions on the traversed directory. This privilege does not allow the user to list the contents of a directory, only to traverse directories. |
+| Audit Non Sensitive Privilege Use |                 <b>SeCreateGlobalPrivilege: <br></b>Create global objects                 |                                                                                                                                              Required to create named file mapping objects in the global namespace during Terminal Services sessions.                                                                                                                                               |
+| Audit Non Sensitive Privilege Use |                  <b>SeCreatePagefilePrivilege: <br></b>Create a pagefile                  |                                                                                                                                                             With this privilege, the user can create and change the size of a pagefile.                                                                                                                                                             |
+| Audit Non Sensitive Privilege Use |          <b>SeCreatePermanentPrivilege: <br></b>Create permanent shared objects           |                                                                Required to create a permanent object. <br>This privilege is useful to kernel-mode components that extend the object namespace. Components that are running in kernel mode already have this privilege inherently; it is not necessary to assign them the privilege.                                                                 |
+| Audit Non Sensitive Privilege Use |              <b>SeCreateSymbolicLinkPrivilege: <br></b>Create symbolic links              |                                                                                                                                                                                 Required to create a symbolic link.                                                                                                                                                                                 |
+| Audit Non Sensitive Privilege Use |         <b>SeIncreaseBasePriorityPrivilege: <br></b>Increase scheduling priority          |                             Required to increase the base priority of a process.<br>With this privilege, the user can use a process with Write property access to another process to increase the execution priority assigned to the other process. A user with this privilege can change the scheduling priority of a process through the Task Manager user interface.                             |
+| Audit Non Sensitive Privilege Use |          <b>SeIncreaseQuotaPrivilege: <br></b>Adjust memory quotas for a process          |                                                                                                                      Required to increase the quota assigned to a process. <br>With this privilege, the user can change the maximum memory that can be consumed by a process.                                                                                                                       |
+| Audit Non Sensitive Privilege Use |         <b>SeIncreaseWorkingSetPrivilege: <br></b>Increase a process working set          |                                                                                                                                                         Required to allocate more memory for applications that run in the context of users.                                                                                                                                                         |
+| Audit Non Sensitive Privilege Use |                  <b>SeLockMemoryPrivilege: <br></b>Lock pages in memory                   |                         Required to lock physical pages in memory. <br>With this privilege, the user can use a process to keep data in physical memory, which prevents the system from paging the data to virtual memory on disk. Exercising this privilege could significantly affect system performance by decreasing the amount of available random access memory (RAM).                         |
+| Audit Non Sensitive Privilege Use |             <b>SeMachineAccountPrivilege: <br></b>Add workstations to domain              |                                                                                                                                          With this privilege, the user can create a computer account. This privilege is valid only on domain controllers.                                                                                                                                           |
+| Audit Non Sensitive Privilege Use |           <b>SeManageVolumePrivilege: <br></b>Perform volume maintenance tasks            |                                                                                                                                                           Required to run maintenance tasks on a volume, such as remote defragmentation.                                                                                                                                                            |
+| Audit Non Sensitive Privilege Use |            <b>SeProfileSingleProcessPrivilege: <br></b>Profile single process             |                                                                                                      Required to gather profiling information for a single process. <br>With this privilege, the user can use performance monitoring tools to monitor the performance of non-system processes.                                                                                                      |
+| Audit Non Sensitive Privilege Use |                   <b>SeRelabelPrivilege: <br></b>Modify an object label                   |                                                                                                                                                                   Required to modify the mandatory integrity level of an object.                                                                                                                                                                    |
+| Audit Non Sensitive Privilege Use |         <b>SeRemoteShutdownPrivilege: <br></b>Force shutdown from a remote system         |                                                                                                                                                                       Required to shut down a system using a network request.                                                                                                                                                                       |
+| Audit Non Sensitive Privilege Use |                   <b>SeShutdownPrivilege: <br></b>Shut down the system                    |                                                                                                                                                                                Required to shut down a local system.                                                                                                                                                                                |
+| Audit Non Sensitive Privilege Use |            <b>SeSyncAgentPrivilege: <br></b>Synchronize directory service data            |      This privilege enables the holder to read all objects and properties in the directory, regardless of the protection on the objects and properties. By default, it is assigned to the Administrator and LocalSystem accounts on domain controllers. <br>With this privilege, the user can synchronize all directory service data. This is also known as Active Directory synchronization.       |
+| Audit Non Sensitive Privilege Use |              <b>SeSystemProfilePrivilege: <br></b>Profile system performance              |                                                                                                       Required to gather profiling information for the entire system. <br>With this privilege, the user can use performance monitoring tools to monitor the performance of system processes.                                                                                                        |
+| Audit Non Sensitive Privilege Use |                 <b>SeSystemtimePrivilege: <br></b>Change the system time                  |                     Required to modify the system time. <br>With this privilege, the user can change the time and date on the internal clock of the computer. Users that are assigned this user right can affect the appearance of event logs. If the system time is changed, events that are logged will reflect this new time, not the actual time that the events occurred.                      |
+| Audit Non Sensitive Privilege Use |                   <b>SeTimeZonePrivilege: <br></b>Change the time zone                    |                                                                                                                                                           Required to adjust the time zone associated with the computer's internal clock.                                                                                                                                                           |
+| Audit Non Sensitive Privilege Use | <b>SeTrustedCredManAccessPrivilege: <br></b>Access Credential Manager as a trusted caller |                                                                                                                                                                     Required to access Credential Manager as a trusted caller.                                                                                                                                                                      |
+| Audit Non Sensitive Privilege Use |            <b>SeUndockPrivilege: <br></b>Remove computer from docking station             |                                                                                                                             Required to undock a laptop. <br>With this privilege, the user can undock a portable computer from its docking station without logging on.                                                                                                                              |
 
 |   **Subcategory of event**    |                  **Privilege Name: <br>User Right Group Policy Name**                   |                                                                                                                                                                                                                                                                                                                                                                                                    **Description**                                                                                                                                                                                                                                                                                                                                                                                                    |
 |-------------------------------|-----------------------------------------------------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
-| Audit Sensitive Privilege Use |    <strong>SeAssignPrimaryTokenPrivilege: <br></strong>Replace a process-level token    |                                                                                                                                                                                                                                                               Required to assign the [*primary token*](https://msdn.microsoft.com/library/windows/desktop/ms721603(v=vs.85).aspx#_security_primary_token_gly) of a process. <br>With this privilege, the user can initiate a process to replace the default token associated with a started subprocess.                                                                                                                                                                                                                                                               |
-| Audit Sensitive Privilege Use |             <strong>SeAuditPrivilege: <br></strong>Generate security audits             |                                                                                                                                                                                                                                                                                                                                                                          With this privilege, the user can add entries to the security log.                                                                                                                                                                                                                                                                                                                                                                           |
-| Audit Sensitive Privilege Use |          <strong>SeBackupPrivilege: <br></strong>Back up files and directories          |                                                     -   Required to perform backup operations. <br>With this privilege, the user can bypass file and directory, registry, and other persistent object permissions for the purposes of backing up the system. This privilege causes the system to grant all read access control to any file, regardless of the [*access control list*](https://msdn.microsoft.com/library/windows/desktop/ms721532(v=vs.85).aspx#_security_access_control_list_gly) (ACL) specified for the file. Any access request other than read is still evaluated with the ACL. <br>The following access rights are granted if this privilege is held:<br>READ\_CONTROL<br>ACCESS\_SYSTEM\_SECURITY<br>FILE\_GENERIC\_READ<br>FILE\_TRAVERSE                                                     |
-| Audit Sensitive Privilege Use |           <strong>SeCreateTokenPrivilege: <br></strong>Create a token object            |                                                                                                                                                                                                                   Allows a process to create a token which it can then use to get access to any local resources when the process uses NtCreateToken() or other token-creation APIs. <br>When a process requires this privilege, we recommend using the LocalSystem account (which already includes the privilege), rather than creating a separate user account and assigning this privilege to it.                                                                                                                                                                                                                   |
-| Audit Sensitive Privilege Use |                  <strong>SeDebugPrivilege: <br></strong>Debug programs                  |                                                                                                                                                                                         Required to debug and adjust the memory of a process owned by another account. <br>With this privilege, the user can attach a debugger to any process or to the kernel. Developers who are debugging their own applications do not need this user right. Developers who are debugging new system components need this user right. <br>This user right provides complete access to sensitive and critical operating system components.                                                                                                                                                                                         |
-| Audit Sensitive Privilege Use | <strong>SeImpersonatePrivilege: <br></strong>Impersonate a client after authentication  |                                                                                                                                                                                                                                                                                                                                                                             With this privilege, the user can impersonate other accounts.                                                                                                                                                                                                                                                                                                                                                                             |
-| Audit Sensitive Privilege Use |       <strong>SeLoadDriverPrivilege: <br></strong>Load and unload device drivers        |                                                                                                                                                                                                                                                                                             Required to load or unload a device driver. <br>With this privilege, the user can dynamically load and unload device drivers or other code in to kernel mode. This user right does not apply to Plug and Play device drivers.                                                                                                                                                                                                                                                                                             |
-| Audit Sensitive Privilege Use |            <strong>SeLockMemoryPrivilege: <br></strong>Lock pages in memory             |                                                                                                                                                                                                                                  Required to lock physical pages in memory. <br>With this privilege, the user can use a process to keep data in physical memory, which prevents the system from paging the data to virtual memory on disk. Exercising this privilege could significantly affect system performance by decreasing the amount of available random access memory (RAM).                                                                                                                                                                                                                                  |
-| Audit Sensitive Privilege Use |         <strong>SeRestorePrivilege: <br></strong>Restore files and directories          | Required to perform restore operations. This privilege causes the system to grant all write access control to any file, regardless of the ACL specified for the file. Any access request other than write is still evaluated with the ACL. Additionally, this privilege enables you to set any valid user or group SID as the owner of a file. The following access rights are granted if this privilege is held:<br>WRITE\_DAC<br>WRITE\_OWNER<br>ACCESS\_SYSTEM\_SECURITY<br>FILE\_GENERIC\_WRITE<br>FILE\_ADD\_FILE<br>FILE\_ADD\_SUBDIRECTORY<br>DELETE<br>With this privilege, the user can bypass file, directory, registry, and other persistent objects permissions when restoring backed up files and directories and determines which users can set any valid security principal as the owner of an object. |
-| Audit Sensitive Privilege Use |       <strong>SeSecurityPrivilege: <br></strong>Manage auditing and security log        |                                                                                                                                                                                                                        Required to perform a number of security-related functions, such as controlling and viewing audit events in security event log. <br>With this privilege, the user can specify object access auditing options for individual resources, such as files, Active Directory objects, and registry keys. A user with this privilege can also view and clear the security log.                                                                                                                                                                                                                        |
-| Audit Sensitive Privilege Use |  <strong>SeSystemEnvironmentPrivilege: <br></strong>Modify firmware environment values  |                                                                                                                                                                                                                                                                                                                                                  Required to modify the nonvolatile RAM of systems that use this type of memory to store configuration information.                                                                                                                                                                                                                                                                                                                                                   |
-| Audit Sensitive Privilege Use | <strong>SeTakeOwnershipPrivilege: <br></strong>Take ownership of files or other objects |                                                                                                                                                                                            Required to take ownership of an object without being granted discretionary access. This privilege allows the owner value to be set only to those values that the holder may legitimately assign as the owner of an object. <br>With this privilege, the user can take ownership of any securable object in the system, including Active Directory objects, files and folders, printers, registry keys, processes, and threads.                                                                                                                                                                                            |
+| Audit Sensitive Privilege Use |    <b>SeAssignPrimaryTokenPrivilege: <br></b>Replace a process-level token    |                                                                                                                                                                                                                                                               Required to assign the [*primary token*](https://msdn.microsoft.com/library/windows/desktop/ms721603(v=vs.85).aspx#_security_primary_token_gly) of a process. <br>With this privilege, the user can initiate a process to replace the default token associated with a started subprocess.                                                                                                                                                                                                                                                               |
+| Audit Sensitive Privilege Use |             <b>SeAuditPrivilege: <br></b>Generate security audits             |                                                                                                                                                                                                                                                                                                                                                                          With this privilege, the user can add entries to the security log.                                                                                                                                                                                                                                                                                                                                                                           |
+| Audit Sensitive Privilege Use |          <b>SeBackupPrivilege: <br></b>Back up files and directories          |                                                     -   Required to perform backup operations. <br>With this privilege, the user can bypass file and directory, registry, and other persistent object permissions for the purposes of backing up the system. This privilege causes the system to grant all read access control to any file, regardless of the [*access control list*](https://msdn.microsoft.com/library/windows/desktop/ms721532(v=vs.85).aspx#_security_access_control_list_gly) (ACL) specified for the file. Any access request other than read is still evaluated with the ACL. <br>The following access rights are granted if this privilege is held:<br>READ\_CONTROL<br>ACCESS\_SYSTEM\_SECURITY<br>FILE\_GENERIC\_READ<br>FILE\_TRAVERSE                                                     |
+| Audit Sensitive Privilege Use |           <b>SeCreateTokenPrivilege: <br></b>Create a token object            |                                                                                                                                                                                                                   Allows a process to create a token which it can then use to get access to any local resources when the process uses NtCreateToken() or other token-creation APIs. <br>When a process requires this privilege, we recommend using the LocalSystem account (which already includes the privilege), rather than creating a separate user account and assigning this privilege to it.                                                                                                                                                                                                                   |
+| Audit Sensitive Privilege Use |                  <b>SeDebugPrivilege: <br></b>Debug programs                  |                                                                                                                                                                                         Required to debug and adjust the memory of a process owned by another account. <br>With this privilege, the user can attach a debugger to any process or to the kernel. Developers who are debugging their own applications do not need this user right. Developers who are debugging new system components need this user right. <br>This user right provides complete access to sensitive and critical operating system components.                                                                                                                                                                                         |
+| Audit Sensitive Privilege Use | <b>SeImpersonatePrivilege: <br></b>Impersonate a client after authentication  |                                                                                                                                                                                                                                                                                                                                                                             With this privilege, the user can impersonate other accounts.                                                                                                                                                                                                                                                                                                                                                                             |
+| Audit Sensitive Privilege Use |       <b>SeLoadDriverPrivilege: <br></b>Load and unload device drivers        |                                                                                                                                                                                                                                                                                             Required to load or unload a device driver. <br>With this privilege, the user can dynamically load and unload device drivers or other code in to kernel mode. This user right does not apply to Plug and Play device drivers.                                                                                                                                                                                                                                                                                             |
+| Audit Sensitive Privilege Use |            <b>SeLockMemoryPrivilege: <br></b>Lock pages in memory             |                                                                                                                                                                                                                                  Required to lock physical pages in memory. <br>With this privilege, the user can use a process to keep data in physical memory, which prevents the system from paging the data to virtual memory on disk. Exercising this privilege could significantly affect system performance by decreasing the amount of available random access memory (RAM).                                                                                                                                                                                                                                  |
+| Audit Sensitive Privilege Use |         <b>SeRestorePrivilege: <br></b>Restore files and directories          | Required to perform restore operations. This privilege causes the system to grant all write access control to any file, regardless of the ACL specified for the file. Any access request other than write is still evaluated with the ACL. Additionally, this privilege enables you to set any valid user or group SID as the owner of a file. The following access rights are granted if this privilege is held:<br>WRITE\_DAC<br>WRITE\_OWNER<br>ACCESS\_SYSTEM\_SECURITY<br>FILE\_GENERIC\_WRITE<br>FILE\_ADD\_FILE<br>FILE\_ADD\_SUBDIRECTORY<br>DELETE<br>With this privilege, the user can bypass file, directory, registry, and other persistent objects permissions when restoring backed up files and directories and determines which users can set any valid security principal as the owner of an object. |
+| Audit Sensitive Privilege Use |       <b>SeSecurityPrivilege: <br></b>Manage auditing and security log        |                                                                                                                                                                                                                        Required to perform a number of security-related functions, such as controlling and viewing audit events in security event log. <br>With this privilege, the user can specify object access auditing options for individual resources, such as files, Active Directory objects, and registry keys. A user with this privilege can also view and clear the security log.                                                                                                                                                                                                                        |
+| Audit Sensitive Privilege Use |  <b>SeSystemEnvironmentPrivilege: <br></b>Modify firmware environment values  |                                                                                                                                                                                                                                                                                                                                                  Required to modify the nonvolatile RAM of systems that use this type of memory to store configuration information.                                                                                                                                                                                                                                                                                                                                                   |
+| Audit Sensitive Privilege Use | <b>SeTakeOwnershipPrivilege: <br></b>Take ownership of files or other objects |                                                                                                                                                                                            Required to take ownership of an object without being granted discretionary access. This privilege allows the owner value to be set only to those values that the holder may legitimately assign as the owner of an object. <br>With this privilege, the user can take ownership of any securable object in the system, including Active Directory objects, files and folders, printers, registry keys, processes, and threads.                                                                                                                                                                                            |
 
 ## Security Monitoring Recommendations
 
diff --git a/windows/security/threat-protection/auditing/event-4688.md b/windows/security/threat-protection/auditing/event-4688.md
index 55ace9419d..e441a2501c 100644
--- a/windows/security/threat-protection/auditing/event-4688.md
+++ b/windows/security/threat-protection/auditing/event-4688.md
@@ -206,9 +206,9 @@ For 4688(S): A new process has been created.
 
 - It can be unusual for a process to run using a local account in either **Creator Subject\\Security ID** or in **Target** **Subject\\Security ID**.
 
-- Monitor for **Token Elevation Type** with value **TokenElevationTypeDefault (1)** when **Subject\\Security ID** lists a real user account, for example when **Account Name** doesn’t contain the $ symbol<strong>.</strong> Typically this means that UAC is disabled for this account for some reason.
+- Monitor for **Token Elevation Type** with value **TokenElevationTypeDefault (1)** when **Subject\\Security ID** lists a real user account, for example when **Account Name** doesn’t contain the $ symbol<b>.</b> Typically this means that UAC is disabled for this account for some reason.
 
-- Monitor for **Token Elevation Type** with value **TokenElevationTypeDefault (2)** on standard workstations, when **Subject\\Security ID** lists a real user account, for example when **Account Name** doesn’t contain the $ symbol<strong>.</strong> This means that a user ran a program using administrative privileges.
+- Monitor for **Token Elevation Type** with value **TokenElevationTypeDefault (2)** on standard workstations, when **Subject\\Security ID** lists a real user account, for example when **Account Name** doesn’t contain the $ symbol<b>.</b> This means that a user ran a program using administrative privileges.
 
 - You can also monitor for **Token Elevation Type** with value **TokenElevationTypeDefault (2)** on standard workstations, when a computer object was used to run the process, but that computer object is not the same computer where the event occurs.
 
diff --git a/windows/security/threat-protection/auditing/event-4741.md b/windows/security/threat-protection/auditing/event-4741.md
index ef907d69b0..ddfd079946 100644
--- a/windows/security/threat-protection/auditing/event-4741.md
+++ b/windows/security/threat-protection/auditing/event-4741.md
@@ -242,7 +242,7 @@ So this UAC flags value decodes to: LOCKOUT and SCRIPT
 
 - **DNS Host Name** \[Type = UnicodeString\]: name of computer account as registered in DNS. The value of **dNSHostName** attribute of new computer object. For manually created computer account objects this field has value “**-**“.
 
-- **Service Principal Names** \[Type = UnicodeString\]**:** The list of SPNs, registered for computer account. For new computer accounts it will typically contain HOST SPNs and RestrictedKrbHost SPNs. The value of **servicePrincipalName** attribute of new computer object. For manually created computer objects it is typically equals “**-**“. This is an example of **Service Principal Names** field for new domain joined workstation<strong>:</strong>
+- **Service Principal Names** \[Type = UnicodeString\]**:** The list of SPNs, registered for computer account. For new computer accounts it will typically contain HOST SPNs and RestrictedKrbHost SPNs. The value of **servicePrincipalName** attribute of new computer object. For manually created computer objects it is typically equals “**-**“. This is an example of **Service Principal Names** field for new domain joined workstation<b>:</b>
 
   HOST/Win81.contoso.local
 
diff --git a/windows/security/threat-protection/auditing/event-4742.md b/windows/security/threat-protection/auditing/event-4742.md
index b39135ee00..94fc78b48f 100644
--- a/windows/security/threat-protection/auditing/event-4742.md
+++ b/windows/security/threat-protection/auditing/event-4742.md
@@ -243,7 +243,7 @@ So this UAC flags value decodes to: LOCKOUT and SCRIPT
 
 - **Service Principal Names** \[Type = UnicodeString\]**:** The list of SPNs, registered for computer account. If the SPN list of a computer account changed, you will see the new SPN list in **Service Principal Names** field (note that you will see the new list instead of changes). If the value of **servicePrincipalName** attribute of computer object was changed, you will see the new value here.
 
-  Here is an example of **Service Principal Names** field for new domain joined workstation in event 4742 on domain controller, after workstation reboots<strong>:</strong>
+  Here is an example of **Service Principal Names** field for new domain joined workstation in event 4742 on domain controller, after workstation reboots<b>:</b>
 
   HOST/Win81.contoso.local
 
diff --git a/windows/security/threat-protection/auditing/event-4907.md b/windows/security/threat-protection/auditing/event-4907.md
index 34454c6d14..6610d670eb 100644
--- a/windows/security/threat-protection/auditing/event-4907.md
+++ b/windows/security/threat-protection/auditing/event-4907.md
@@ -285,5 +285,5 @@ For 4907(S): Auditing settings on object were changed.
 
 - If you have critical file or registry objects and you need to monitor all modifications (especially changes in SACL), monitor for specific “**Object\\Object Name”**.
 
-- If you have high-value computers for which you need to monitor all changes for all or specific file or registry objects, monitor for all [4907](event-4907.md) events on these computers<strong>.</strong>
+- If you have high-value computers for which you need to monitor all changes for all or specific file or registry objects, monitor for all [4907](event-4907.md) events on these computers<b>.</b>
 
diff --git a/windows/security/threat-protection/auditing/event-5140.md b/windows/security/threat-protection/auditing/event-5140.md
index a4f705ba93..3d3d5152cc 100644
--- a/windows/security/threat-protection/auditing/event-5140.md
+++ b/windows/security/threat-protection/auditing/event-5140.md
@@ -145,7 +145,7 @@ For 5140(S, F): A network share object was accessed.
 
 > **Important**&nbsp;&nbsp;For this event, also see [Appendix A: Security monitoring recommendations for many audit events](appendix-a-security-monitoring-recommendations-for-many-audit-events.md).
 
-- If you have high-value computers for which you need to monitor all access to all shares or specific shares (“**Share Name**”), monitor this event<strong>.</strong> For example, you could monitor share **C$** on domain controllers.
+- If you have high-value computers for which you need to monitor all access to all shares or specific shares (“**Share Name**”), monitor this event<b>.</b> For example, you could monitor share **C$** on domain controllers.
 
 - Monitor this event if the **Network Information\\Source Address** is not from your internal IP range.
 
diff --git a/windows/security/threat-protection/auditing/event-5142.md b/windows/security/threat-protection/auditing/event-5142.md
index 858e4a608f..727a8f8576 100644
--- a/windows/security/threat-protection/auditing/event-5142.md
+++ b/windows/security/threat-protection/auditing/event-5142.md
@@ -104,7 +104,7 @@ For 5142(S): A network share object was added.
 
 > **Important**&nbsp;&nbsp;For this event, also see [Appendix A: Security monitoring recommendations for many audit events](appendix-a-security-monitoring-recommendations-for-many-audit-events.md).
 
-- If you have high-value computers for which you need to monitor creation of new file shares, monitor this event<strong>.</strong> For example, you could monitor domain controllers.
+- If you have high-value computers for which you need to monitor creation of new file shares, monitor this event<b>.</b> For example, you could monitor domain controllers.
 
 - We recommend checking “**Share Path**”, because it should not point to system directories, such as **C:\\Windows** or **C:\\**, or to critical local folders which contain private or high value information.
 
diff --git a/windows/security/threat-protection/auditing/event-5143.md b/windows/security/threat-protection/auditing/event-5143.md
index c7f46521ae..7fd678a12b 100644
--- a/windows/security/threat-protection/auditing/event-5143.md
+++ b/windows/security/threat-protection/auditing/event-5143.md
@@ -259,5 +259,5 @@ For 5143(S): A network share object was modified.
 
 > **Important**&nbsp;&nbsp;For this event, also see [Appendix A: Security monitoring recommendations for many audit events](appendix-a-security-monitoring-recommendations-for-many-audit-events.md).
 
-- If you have high-value computers for which you need to monitor all modifications to all shares or specific shares (“**Share Name**”), monitor this event<strong>.</strong> For example, you could monitor all changes to the SYSVOL share on domain controllers.
+- If you have high-value computers for which you need to monitor all modifications to all shares or specific shares (“**Share Name**”), monitor this event<b>.</b> For example, you could monitor all changes to the SYSVOL share on domain controllers.
 
diff --git a/windows/security/threat-protection/auditing/event-5144.md b/windows/security/threat-protection/auditing/event-5144.md
index 4c20a34092..c0cff03c22 100644
--- a/windows/security/threat-protection/auditing/event-5144.md
+++ b/windows/security/threat-protection/auditing/event-5144.md
@@ -106,5 +106,5 @@ For 5144(S): A network share object was deleted.
 
 - If you have critical network shares for which you need to monitor all changes (especially, the deletion of that share), monitor for specific “**Share Information\\Share Name”.**
 
-- If you have high-value computers for which you need to monitor all changes (especially, deletion of file shares), monitor for all [5144](event-5144.md) events on these computers<strong>.</strong> For example, you could monitor file shares on domain controllers.
+- If you have high-value computers for which you need to monitor all changes (especially, deletion of file shares), monitor for all [5144](event-5144.md) events on these computers<b>.</b> For example, you could monitor file shares on domain controllers.
 
diff --git a/windows/security/threat-protection/device-guard/requirements-and-deployment-planning-guidelines-for-virtualization-based-protection-of-code-integrity.md b/windows/security/threat-protection/device-guard/requirements-and-deployment-planning-guidelines-for-virtualization-based-protection-of-code-integrity.md
index 725e9d2023..d594900ce7 100644
--- a/windows/security/threat-protection/device-guard/requirements-and-deployment-planning-guidelines-for-virtualization-based-protection-of-code-integrity.md
+++ b/windows/security/threat-protection/device-guard/requirements-and-deployment-planning-guidelines-for-virtualization-based-protection-of-code-integrity.md
@@ -42,7 +42,7 @@ The following tables provide more information about the hardware, firmware, and
 | Firmware: **UEFI firmware version 2.3.1.c or higher with UEFI Secure Boot** | See the System.Fundamentals.Firmware.UEFISecureBoot requirement in the [Windows Hardware Compatibility Specifications for Windows 10, version 1809 and Windows Server 2019 - Systems download](https://go.microsoft.com/fwlink/?linkid=2027110). You can find previous versions of the Windows Hardware Compatibility Program Specifications and Policies [here](https://docs.microsoft.com/windows-hardware/design/compatibility/whcp-specifications-policies). | UEFI Secure Boot helps ensure that the device boots only authorized code. This can prevent boot kits and root kits from installing and persisting across reboots.  |
 | Firmware: **Secure firmware update process**      | UEFI firmware must support secure firmware update found under the System.Fundamentals.Firmware.UEFISecureBoot requirement in the [Windows Hardware Compatibility Specifications for Windows 10, version 1809 and Windows Server 2019 - Systems download](https://go.microsoft.com/fwlink/?linkid=2027110). You can find previous versions of the Windows Hardware Compatibility Program Specifications and Policies [here](https://docs.microsoft.com/windows-hardware/design/compatibility/whcp-specifications-policies).  | UEFI firmware just like software can have security vulnerabilities that, when found, need to be patched through firmware updates. Patching helps prevent root kits from getting installed. |
 | Software: **HVCI compatible drivers**       | See the Filter.Driver.DeviceGuard.DriverCompatibility requirement in the [Windows Hardware Compatibility Specifications for Windows 10, version 1809 and Windows Server 2019 - Filter driver download](https://go.microsoft.com/fwlink/?linkid=2027110). You can find previous versions of the Windows Hardware Compatibility Program Specifications and Policies [here](https://docs.microsoft.com/windows-hardware/design/compatibility/whcp-specifications-policies). | [HVCI Compatible](https://blogs.msdn.microsoft.com/windows_hardware_certification/2015/05/22/driver-compatibility-with-device-guard-in-windows-10/) drivers help ensure that VBS can maintain appropriate memory permissions. This increases resistance to bypassing vulnerable kernel drivers and helps ensure that malware cannot run in kernel. Only code verified through code integrity can run in kernel mode.  |
-| Software: Qualified **Windows operating system**  | Windows 10 Enterprise, Windows 10 Pro, Windows 10 Education, Windows Server 2016, or Windows 10 IoT Enterprise<br><blockquote><p><strong>Important:</strong><br> Windows Server 2016 running as a domain controller does not support Windows Defender Credential Guard. Only virtualization-based protection of code integrity is supported in this configuration.</p></blockquote> | Support for VBS and for management features that simplify configuration of Windows Defender Device Guard. |
+| Software: Qualified **Windows operating system**  | Windows 10 Enterprise, Windows 10 Pro, Windows 10 Education, Windows Server 2016, or Windows 10 IoT Enterprise<br><blockquote><p><b>Important:</b><br> Windows Server 2016 running as a domain controller does not support Windows Defender Credential Guard. Only virtualization-based protection of code integrity is supported in this configuration.</p></blockquote> | Support for VBS and for management features that simplify configuration of Windows Defender Device Guard. |
 
 > **Important**&nbsp;&nbsp;The following tables list additional qualifications for improved security. You can use Windows Defender Device Guard with hardware, firmware, and software that support baseline protections, even if they do not support protections for improved security. However, we strongly recommend meeting these additional qualifications to significantly strengthen the level of security that Windows Defender Device Guard can provide.
 
@@ -75,6 +75,6 @@ The following tables describe additional hardware and firmware qualifications, a
 
 | Protections for Improved Security          | Description                                        | Security benefits |
 |---------------------------------------------|----------------------------------------------------|------|
-| Firmware: **VBS enablement of NX protection for UEFI runtime services** | • VBS will enable No-Execute (NX) protection on UEFI runtime service code and data memory regions. UEFI runtime service code must support read-only page protections, and UEFI runtime service data must not be executable.<br>• UEFI runtime service must meet these requirements: <br>&nbsp;&nbsp;&nbsp;&nbsp;• Implement UEFI 2.6 EFI_MEMORY_ATTRIBUTES_TABLE. All UEFI runtime service memory (code and data) must be described by this table. <br>&nbsp;&nbsp;&nbsp;&nbsp;• PE sections need to be page-aligned in memory (not required for in non-volitile storage).<br>&nbsp;&nbsp;&nbsp;&nbsp;• The Memory Attributes Table needs to correctly mark code and data as RO/NX for configuration by the OS:<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;• All entries must include attributes EFI_MEMORY_RO, EFI_MEMORY_XP, or both <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;• No entries may be left with neither of the above attributes, indicating memory that is both executable and writable. Memory must be either readable and executable or writeable and non-executable. <br><blockquote><p><strong>Notes:</strong><br>• This only applies to UEFI runtime service memory, and not UEFI boot service memory. <br>• This protection is applied by VBS on OS page tables.</p></blockquote><br> Please also note the following: <br>• Do not use sections that are both writeable and executable<br>• Do not attempt to directly modify executable system memory<br>• Do not use dynamic code  | • Vulnerabilities in UEFI runtime, if any, will be blocked from compromising VBS (such as in functions like UpdateCapsule and SetVariable)<br>• Reduces the attack surface to VBS from system firmware.   |
+| Firmware: **VBS enablement of NX protection for UEFI runtime services** | • VBS will enable No-Execute (NX) protection on UEFI runtime service code and data memory regions. UEFI runtime service code must support read-only page protections, and UEFI runtime service data must not be executable.<br>• UEFI runtime service must meet these requirements: <br>&nbsp;&nbsp;&nbsp;&nbsp;• Implement UEFI 2.6 EFI_MEMORY_ATTRIBUTES_TABLE. All UEFI runtime service memory (code and data) must be described by this table. <br>&nbsp;&nbsp;&nbsp;&nbsp;• PE sections need to be page-aligned in memory (not required for in non-volitile storage).<br>&nbsp;&nbsp;&nbsp;&nbsp;• The Memory Attributes Table needs to correctly mark code and data as RO/NX for configuration by the OS:<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;• All entries must include attributes EFI_MEMORY_RO, EFI_MEMORY_XP, or both <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;• No entries may be left with neither of the above attributes, indicating memory that is both executable and writable. Memory must be either readable and executable or writeable and non-executable. <br><blockquote><p><b>Notes:</b><br>• This only applies to UEFI runtime service memory, and not UEFI boot service memory. <br>• This protection is applied by VBS on OS page tables.</p></blockquote><br> Please also note the following: <br>• Do not use sections that are both writeable and executable<br>• Do not attempt to directly modify executable system memory<br>• Do not use dynamic code  | • Vulnerabilities in UEFI runtime, if any, will be blocked from compromising VBS (such as in functions like UpdateCapsule and SetVariable)<br>• Reduces the attack surface to VBS from system firmware.   |
 | Firmware: **Firmware support for SMM protection** | The [Windows SMM Security Mitigations Table (WSMT) specification](https://download.microsoft.com/download/1/8/A/18A21244-EB67-4538-BAA2-1A54E0E490B6/WSMT.docx) contains details of an Advanced Configuration and Power Interface (ACPI) table that was created for use with Windows operating systems that support Windows virtualization-based security (VBS) features.| • Protects against potential vulnerabilities in UEFI runtime services, if any, will be blocked from compromising VBS (such as in functions like UpdateCapsule and SetVariable)<br>• Reduces the attack surface to VBS from system firmware.<br>• Blocks additional security attacks against SMM.  |
 
diff --git a/windows/security/threat-protection/fips-140-validation.md b/windows/security/threat-protection/fips-140-validation.md
index 7bc3af8993..262058bf1d 100644
--- a/windows/security/threat-protection/fips-140-validation.md
+++ b/windows/security/threat-protection/fips-140-validation.md
@@ -102,10 +102,10 @@ Validated Editions: Home, Pro, Enterprise, Education
 </colgroup>
 <tbody>
 <tr class="odd">
-<td><strong>Cryptographic Module</strong></td>
-<td><strong>Version (link to Security Policy)</strong></td>
-<td><strong>FIPS Certificate #</strong></td>
-<td><strong>Algorithms</strong></td>
+<td><b>Cryptographic Module</b></td>
+<td><b>Version (link to Security Policy)</b></td>
+<td><b>FIPS Certificate #</b></td>
+<td><b>Algorithms</b></td>
 </tr>
 <tr class="even">
 <td>Cryptographic Primitives Library</td>
@@ -166,10 +166,10 @@ Validated Editions: Home, Pro, Enterprise, Education, S, Surface Hub, Mobile
 </colgroup>
 <tbody>
 <tr class="odd">
-<td><strong>Cryptographic Module</strong></td>
-<td><strong>Version (link to Security Policy)</strong></td>
-<td><strong>FIPS Certificate #</strong></td>
-<td><strong>Algorithms</strong></td>
+<td><b>Cryptographic Module</b></td>
+<td><b>Version (link to Security Policy)</b></td>
+<td><b>FIPS Certificate #</b></td>
+<td><b>Algorithms</b></td>
 </tr>
 <tr class="even">
 <td>Cryptographic Primitives Library</td>
@@ -236,10 +236,10 @@ Validated Editions: Home, Pro, Enterprise, Education, S, Surface Hub, Mobile
 </colgroup>
 <tbody>
 <tr class="odd">
-<td><strong>Cryptographic Module</strong></td>
-<td><strong>Version (link to Security Policy)</strong></td>
-<td><strong>FIPS Certificate #</strong></td>
-<td><strong>Algorithms</strong></td>
+<td><b>Cryptographic Module</b></td>
+<td><b>Version (link to Security Policy)</b></td>
+<td><b>FIPS Certificate #</b></td>
+<td><b>Algorithms</b></td>
 </tr>
 <tr class="even">
 <td>Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll)</td>
@@ -251,7 +251,7 @@ Validated Editions: Home, Pro, Enterprise, Education, S, Surface Hub, Mobile
 <p><em>Validated Component Implementations:</em> FIPS186-4 ECDSA - Signature Generation of hash sized messages (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1133">#1133</a>); FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#2521">#2521</a>); FIPS186-4 RSA; RSADP - RSADP Primitive (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1281">#1281</a>); SP800-135 - Section 4.1.1, IKEv1 Section 4.1.2, IKEv2 Section 4.2, TLS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#1278">#1278</a>)</p></td>
 </tr>
 <tr class="odd">
-<td><strong>Kernel Mode Cryptographic Primitives Library (cng.sys)</strong></td>
+<td><b>Kernel Mode Cryptographic Primitives Library (cng.sys)</b></td>
 <td><a href="https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3094.pdf">10.0.15063</a></td>
 <td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3094">#3094</a></td>
 <td><p><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3094">#3094</a></p>
@@ -323,10 +323,10 @@ Validated Editions: Home, Pro, Enterprise, Enterprise LTSB, Mobile
 </colgroup>
 <tbody>
 <tr class="odd">
-<td><strong>Cryptographic Module</strong></td>
-<td><strong>Version (link to Security Policy)</strong></td>
-<td><strong>FIPS Certificate #</strong></td>
-<td><strong>Algorithms</strong></td>
+<td><b>Cryptographic Module</b></td>
+<td><b>Version (link to Security Policy)</b></td>
+<td><b>FIPS Certificate #</b></td>
+<td><b>Algorithms</b></td>
 </tr>
 <tr class="even">
 <td>Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll)</td>
@@ -338,7 +338,7 @@ Validated Editions: Home, Pro, Enterprise, Enterprise LTSB, Mobile
 <p><em>Validated Component Implementations:</em> FIPS186-4 ECDSA - Signature Generation of hash sized messages (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#922">#922</a>); FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#888">#888</a>); FIPS186-4 RSA; RSADP - RSADP Primitive (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#887">#887</a>); SP800-135 - Section 4.1.1, IKEv1 Section 4.1.2, IKEv2 Section 4.2, TLS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#886">#886</a>)</p></td>
 </tr>
 <tr class="odd">
-<td><strong>Kernel Mode Cryptographic Primitives Library (cng.sys)</strong></td>
+<td><b>Kernel Mode Cryptographic Primitives Library (cng.sys)</b></td>
 <td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2936.pdf">10.0.14393</a></td>
 <td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2936">#2936</a></td>
 <td><p><em>FIPS Approved algorithms:</em> AES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4064">#4064</a>); DRBG (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1217">#1217</a>); DSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#1098">#1098</a>); ECDSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#911">#911</a>); HMAC (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2651">#2651</a>); KAS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#92">#92</a>); KBKDF (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kdf#101">#101</a>); KTS (AES Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4062">#4062</a>; key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); PBKDF (vendor affirmed); RSA (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2192">#2192</a>, <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2193">#2193</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2195">#2195</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347">#3347</a>); Triple-DES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#2227">#2227</a>)<br />
@@ -416,10 +416,10 @@ Validated Editions: Home, Pro, Enterprise, Enterprise LTSB, Mobile, Surface Hub
 </colgroup>
 <tbody>
 <tr class="odd">
-<td><strong>Cryptographic Module</strong></td>
-<td><strong>Version (link to Security Policy)</strong></td>
-<td><strong>FIPS Certificate #</strong></td>
-<td><strong>Algorithms</strong></td>
+<td><b>Cryptographic Module</b></td>
+<td><b>Version (link to Security Policy)</b></td>
+<td><b>FIPS Certificate #</b></td>
+<td><b>Algorithms</b></td>
 </tr>
 <tr class="even">
 <td>Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll)</td>
@@ -431,7 +431,7 @@ Validated Editions: Home, Pro, Enterprise, Enterprise LTSB, Mobile, Surface Hub
 <p><em>Validated Component Implementations:</em> FIPS186-4 ECDSA - Signature Generation of hash sized messages (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#666">#666</a>); FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#665">#665</a>); FIPS186-4 RSA; RSADP - RSADP Primitive (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#663">#663</a>); SP800-135 - Section 4.1.1, IKEv1 Section 4.1.2, IKEv2 Section 4.2, TLS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#664">#664</a>)</p></td>
 </tr>
 <tr class="odd">
-<td><strong>Kernel Mode Cryptographic Primitives Library (cng.sys)</strong></td>
+<td><b>Kernel Mode Cryptographic Primitives Library (cng.sys)</b></td>
 <td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2605.pdf">10.0.10586</a></td>
 <td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2605">#2605</a></td>
 <td><p><em>FIPS Approved algorithms:</em> AES (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3629">#3629</a>); DRBG (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#955">#955</a>); DSA (Certs.  <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#1024">#1024</a>); ECDSA (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#760">#760</a>); HMAC (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2381">#2381</a>); KAS (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#72">#72</a>; key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); KBKDF (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kdf#72">#72</a>); KTS (AES Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3653">#3653</a>; key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); PBKDF (vendor affirmed); RSA (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1887">#1887</a>, <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1888">#1888</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1889">#1889</a>); SHS (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3047">#3047</a>); Triple-DES (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#2024">#2024</a>)<br />
@@ -514,10 +514,10 @@ Validated Editions: Home, Pro, Enterprise, Enterprise LTSB, Mobile, and Surface
 </colgroup>
 <tbody>
 <tr class="odd">
-<td><strong>Cryptographic Module</strong></td>
-<td><strong>Version (link to Security Policy)</strong></td>
-<td><strong>FIPS Certificate #</strong></td>
-<td><strong>Algorithms</strong></td>
+<td><b>Cryptographic Module</b></td>
+<td><b>Version (link to Security Policy)</b></td>
+<td><b>FIPS Certificate #</b></td>
+<td><b>Algorithms</b></td>
 </tr>
 <tr class="even">
 <td>Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll)</td>
@@ -529,7 +529,7 @@ Validated Editions: Home, Pro, Enterprise, Enterprise LTSB, Mobile, and Surface
 <p><em>Validated Component Implementations:</em> FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#572">#572</a>); FIPS186-4 RSA; RSADP - RSADP Primitive (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#576">#576</a>); SP800-135 - Section 4.1.1, IKEv1 Section 4.1.2, IKEv2 Section 4.2, TLS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#575">#575</a>)</p></td>
 </tr>
 <tr class="odd">
-<td><strong>Kernel Mode Cryptographic Primitives Library (cng.sys)</strong></td>
+<td><b>Kernel Mode Cryptographic Primitives Library (cng.sys)</b></td>
 <td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2605.pdf">10.0.10240</a></td>
 <td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2605">#2605</a></td>
 <td><p><em>FIPS Approved algorithms:</em> AES (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3497">#3497</a>); DRBG (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#868">#868</a>); DSA (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#983">#983</a>); ECDSA (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#706">#706</a>); HMAC (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2233">#2233</a>); KAS (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#64">#64</a>; key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); KBKDF (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kdf#66">#66</a>); KTS (AES Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3507">#3507</a>; key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); PBKDF (vendor affirmed); RSA (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1783">#1783</a>, <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1798">#1798</a>, and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1802">#1802</a>); SHS (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2886">#2886</a>); Triple-DES (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#1969">#1969</a>)<br />
@@ -612,10 +612,10 @@ Validated Editions: RT, Pro, Enterprise, Phone, Embedded
 </colgroup>
 <tbody>
 <tr class="odd">
-<td><strong>Cryptographic Module</strong></td>
-<td><strong>Version (link to Security Policy)</strong></td>
-<td><strong>FIPS Certificate #</strong></td>
-<td><strong>Algorithms</strong></td>
+<td><b>Cryptographic Module</b></td>
+<td><b>Version (link to Security Policy)</b></td>
+<td><b>FIPS Certificate #</b></td>
+<td><b>Algorithms</b></td>
 </tr>
 <tr class="even">
 <td>Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll)</td>
@@ -627,7 +627,7 @@ Validated Editions: RT, Pro, Enterprise, Phone, Embedded
 <p><em>Validated Component Implementations:</em> FIPS186-4 ECDSA - Signature Generation of hash sized messages (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#288">#288</a>); FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#289">#289</a>); SP800-135 - Section 4.1.1, IKEv1 Section 4.1.2, IKEv2 Section 4.2, TLS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/component#323">#323</a>)</p></td>
 </tr>
 <tr class="odd">
-<td><strong>Kernel Mode Cryptographic Primitives Library (cng.sys)</strong></td>
+<td><b>Kernel Mode Cryptographic Primitives Library (cng.sys)</b></td>
 <td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2356.pdf">6.3.9600 6.3.9600.17042</a></td>
 <td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2356">#2356</a></td>
 <td><p><em>FIPS Approved algorithms:</em> AES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2832">#2832</a>); DRBG (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#489">#489</a>); ECDSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#505">#505</a>); HMAC (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#1773">#1773</a>); KAS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#47">#47</a>); KBKDF (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kdf#30">#30</a>); PBKDF (vendor affirmed); RSA (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1487">#1487</a>, <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1493">#1493</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1519">#1519</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2373"># 2373</a>); Triple-DES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#1692">#1692</a>)<br />
@@ -689,10 +689,10 @@ Validated Editions: RT, Home, Pro, Enterprise, Phone
 <table>
 <tbody>
 <tr class="odd">
-<td><strong>Cryptographic Module</strong></td>
-<td><strong>Version (link to Security Policy)</strong></td>
-<td><strong>FIPS Certificate #</strong></td>
-<td><strong>Algorithms</strong></td>
+<td><b>Cryptographic Module</b></td>
+<td><b>Version (link to Security Policy)</b></td>
+<td><b>FIPS Certificate #</b></td>
+<td><b>Algorithms</b></td>
 </tr>
 <tr class="even">
 <td>Cryptographic Primitives Library (BCRYPTPRIMITIVES.DLL)</td>
@@ -705,7 +705,7 @@ Validated Editions: RT, Home, Pro, Enterprise, Phone
 </td>
 </tr>
 <tr class="odd">
-<td><strong>Kernel Mode Cryptographic Primitives Library (cng.sys)</strong></td>
+<td><b>Kernel Mode Cryptographic Primitives Library (cng.sys)</b></td>
 <td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1891.pdf">6.2.9200</a></td>
 <td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1891">#1891</a></td>
 <td><em>FIPS Approved algorithms:</em> AES (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2197">#2197</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2216">#2216</a>); DRBG (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#258">#258</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#259">#259</a>); ECDSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#341">#341</a>); HMAC (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#1345">#1345</a>); KAS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#36">#36</a>); KBKDF (Cert. <a href="http://csrc.nist.gov/groups/stm/cavp/documents/kbkdf800-108/kbkdfval.htm#3">#3</a>); PBKDF (vendor affirmed); RNG (Cert. <a href="http://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#1110">#1110</a>); RSA (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1133">#1133</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1134">#1134</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903">#1903</a>); Triple-DES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#1387">#1387</a>)<br />
@@ -791,10 +791,10 @@ Validated Editions: Windows 7, Windows 7 SP1
 </colgroup>
 <tbody>
 <tr class="odd">
-<td><strong>Cryptographic Module</strong></td>
-<td><strong>Version (link to Security Policy)</strong></td>
-<td><strong>FIPS Certificate #</strong></td>
-<td><strong>Algorithms</strong></td>
+<td><b>Cryptographic Module</b></td>
+<td><b>Version (link to Security Policy)</b></td>
+<td><b>FIPS Certificate #</b></td>
+<td><b>Algorithms</b></td>
 </tr>
 <tr class="even">
 <td>Cryptographic Primitives Library (BCRYPTPRIMITIVES.DLL)</td>
@@ -915,10 +915,10 @@ Validated Editions: Ultimate Edition
 </colgroup>
 <tbody>
 <tr class="odd">
-<td><strong>Cryptographic Module</strong></td>
-<td><strong>Version (link to Security Policy)</strong></td>
-<td><strong>FIPS Certificate #</strong></td>
-<td><strong>Algorithms</strong></td>
+<td><b>Cryptographic Module</b></td>
+<td><b>Version (link to Security Policy)</b></td>
+<td><b>FIPS Certificate #</b></td>
+<td><b>Algorithms</b></td>
 </tr>
 <tr class="even">
 <td>Boot Manager (bootmgr)</td>
@@ -981,10 +981,10 @@ Validated Editions: Ultimate Edition
 <table>
 <tbody>
 <tr class="odd">
-<td><strong>Cryptographic Module</strong></td>
-<td><strong>Version (link to Security Policy)</strong></td>
-<td><strong>FIPS Certificate #</strong></td>
-<td><strong>Algorithms</strong></td>
+<td><b>Cryptographic Module</b></td>
+<td><b>Version (link to Security Policy)</b></td>
+<td><b>FIPS Certificate #</b></td>
+<td><b>Algorithms</b></td>
 </tr>
 <tr class="even">
 <td>Enhanced Cryptographic Provider (RSAENH)</td>
@@ -1033,10 +1033,10 @@ Validated Editions: Ultimate Edition
 </colgroup>
 <tbody>
 <tr class="odd">
-<td><strong>Cryptographic Module</strong></td>
-<td><strong>Version (link to Security Policy)</strong></td>
-<td><strong>FIPS Certificate #</strong></td>
-<td><strong>Algorithms</strong></td>
+<td><b>Cryptographic Module</b></td>
+<td><b>Version (link to Security Policy)</b></td>
+<td><b>FIPS Certificate #</b></td>
+<td><b>Algorithms</b></td>
 </tr>
 <tr class="even">
 <td>Kernel Mode Cryptographic Module (FIPS.SYS)</td>
@@ -1074,10 +1074,10 @@ Validated Editions: Ultimate Edition
 </colgroup>
 <tbody>
 <tr class="odd">
-<td><strong>Cryptographic Module</strong></td>
-<td><strong>Version (link to Security Policy)</strong></td>
-<td><strong>FIPS Certificate #</strong></td>
-<td><strong>Algorithms</strong></td>
+<td><b>Cryptographic Module</b></td>
+<td><b>Version (link to Security Policy)</b></td>
+<td><b>FIPS Certificate #</b></td>
+<td><b>Algorithms</b></td>
 </tr>
 <tr class="even">
 <td>DSS/Diffie-Hellman Enhanced Cryptographic Provider</td>
@@ -1108,10 +1108,10 @@ Validated Editions: Ultimate Edition
 </colgroup>
 <tbody>
 <tr class="odd">
-<td><strong>Cryptographic Module</strong></td>
-<td><strong>Version (link to Security Policy)</strong></td>
-<td><strong>FIPS Certificate #</strong></td>
-<td><strong>Algorithms</strong></td>
+<td><b>Cryptographic Module</b></td>
+<td><b>Version (link to Security Policy)</b></td>
+<td><b>FIPS Certificate #</b></td>
+<td><b>Algorithms</b></td>
 </tr>
 <tr class="even">
 <td>Microsoft Enhanced Cryptographic Provider</td>
@@ -1135,10 +1135,10 @@ Validated Editions: Ultimate Edition
 </colgroup>
 <tbody>
 <tr class="odd">
-<td><strong>Cryptographic Module</strong></td>
-<td><strong>Version (link to Security Policy)</strong></td>
-<td><strong>FIPS Certificate #</strong></td>
-<td><strong>Algorithms</strong></td>
+<td><b>Cryptographic Module</b></td>
+<td><b>Version (link to Security Policy)</b></td>
+<td><b>FIPS Certificate #</b></td>
+<td><b>Algorithms</b></td>
 </tr>
 <tr class="even">
 <td>Kernel Mode Cryptographic Module</td>
@@ -1162,10 +1162,10 @@ Validated Editions: Ultimate Edition
 </colgroup>
 <tbody>
 <tr class="odd">
-<td><strong>Cryptographic Module</strong></td>
-<td><strong>Version (link to Security Policy)</strong></td>
-<td><strong>FIPS Certificate #</strong></td>
-<td><strong>Algorithms</strong></td>
+<td><b>Cryptographic Module</b></td>
+<td><b>Version (link to Security Policy)</b></td>
+<td><b>FIPS Certificate #</b></td>
+<td><b>Algorithms</b></td>
 </tr>
 <tr class="even">
 <td>Kernel Mode Cryptographic Module (FIPS.SYS)</td>
@@ -1199,10 +1199,10 @@ Validated Editions: Ultimate Edition
 </colgroup>
 <tbody>
 <tr class="odd">
-<td><strong>Cryptographic Module</strong></td>
-<td><strong>Version (link to Security Policy)</strong></td>
-<td><strong>FIPS Certificate #</strong></td>
-<td><strong>Algorithms</strong></td>
+<td><b>Cryptographic Module</b></td>
+<td><b>Version (link to Security Policy)</b></td>
+<td><b>FIPS Certificate #</b></td>
+<td><b>Algorithms</b></td>
 </tr>
 <tr class="even">
 <td>Kernel Mode Cryptographic Module (FIPS.SYS)</td>
@@ -1240,10 +1240,10 @@ Validated Editions: Ultimate Edition
 </colgroup>
 <tbody>
 <tr class="odd">
-<td><strong>Cryptographic Module</strong></td>
-<td><strong>Version (link to Security Policy)</strong></td>
-<td><strong>FIPS Certificate #</strong></td>
-<td><strong>Algorithms</strong></td>
+<td><b>Cryptographic Module</b></td>
+<td><b>Version (link to Security Policy)</b></td>
+<td><b>FIPS Certificate #</b></td>
+<td><b>Algorithms</b></td>
 </tr>
 <tr class="even">
 <td>Base DSS Cryptographic Provider, Base Cryptographic Provider, DSS/Diffie-Hellman Enhanced Cryptographic Provider, and Enhanced Cryptographic Provider</td>
@@ -1270,10 +1270,10 @@ Validated Editions: Ultimate Edition
 </colgroup>
 <tbody>
 <tr class="odd">
-<td><strong>Cryptographic Module</strong></td>
-<td><strong>Version (link to Security Policy)</strong></td>
-<td><strong>FIPS Certificate #</strong></td>
-<td><strong>Algorithms</strong></td>
+<td><b>Cryptographic Module</b></td>
+<td><b>Version (link to Security Policy)</b></td>
+<td><b>FIPS Certificate #</b></td>
+<td><b>Algorithms</b></td>
 </tr>
 <tr class="even">
 <td>Base DSS Cryptographic Provider, Base Cryptographic Provider, DSS/Diffie-Hellman Enhanced Cryptographic Provider, and Enhanced Cryptographic Provider</td>
@@ -1297,10 +1297,10 @@ Validated Editions: Ultimate Edition
 </colgroup>
 <tbody>
 <tr class="odd">
-<td><strong>Cryptographic Module</strong></td>
-<td><strong>Version (link to Security Policy)</strong></td>
-<td><strong>FIPS Certificate #</strong></td>
-<td><strong>Algorithms</strong></td>
+<td><b>Cryptographic Module</b></td>
+<td><b>Version (link to Security Policy)</b></td>
+<td><b>FIPS Certificate #</b></td>
+<td><b>Algorithms</b></td>
 </tr>
 <tr class="even">
 <td>Base DSS Cryptographic Provider, Base Cryptographic Provider, DSS/Diffie-Hellman Enhanced Cryptographic Provider, and Enhanced Cryptographic Provider</td>
@@ -1318,10 +1318,10 @@ Validated Editions: Ultimate Edition
 <table>
 <tbody>
 <tr class="odd">
-<td><strong>Cryptographic Module</strong></td>
-<td><strong>Version (link to Security Policy)</strong></td>
-<td><strong>FIPS Certificate #</strong></td>
-<td><strong>Algorithms</strong></td>
+<td><b>Cryptographic Module</b></td>
+<td><b>Version (link to Security Policy)</b></td>
+<td><b>FIPS Certificate #</b></td>
+<td><b>Algorithms</b></td>
 </tr>
 <tr class="even">
 <td>Base Cryptographic Provider</td>
@@ -1349,10 +1349,10 @@ Validated Editions: Standard, Datacenter
 </colgroup>
 <tbody>
 <tr class="odd">
-<td><strong>Cryptographic Module</strong></td>
-<td><strong>Version (link to Security Policy)</strong></td>
-<td><strong>FIPS Certificate #</strong></td>
-<td><strong>Algorithms</strong></td>
+<td><b>Cryptographic Module</b></td>
+<td><b>Version (link to Security Policy)</b></td>
+<td><b>FIPS Certificate #</b></td>
+<td><b>Algorithms</b></td>
 </tr>
 <tr class="even">
 <td>Cryptographic Primitives Library</td>
@@ -1413,10 +1413,10 @@ Validated Editions: Standard, Datacenter
 </colgroup>
 <tbody>
 <tr class="odd">
-<td><strong>Cryptographic Module</strong></td>
-<td><strong>Version (link to Security Policy)</strong></td>
-<td><strong>FIPS Certificate #</strong></td>
-<td><strong>Algorithms</strong></td>
+<td><b>Cryptographic Module</b></td>
+<td><b>Version (link to Security Policy)</b></td>
+<td><b>FIPS Certificate #</b></td>
+<td><b>Algorithms</b></td>
 </tr>
 <tr class="even">
 <td>Cryptographic Primitives Library</td>
@@ -1483,10 +1483,10 @@ Validated Editions: Standard, Datacenter, Storage Server
 </colgroup>
 <tbody>
 <tr class="odd">
-<td><strong>Cryptographic Module</strong></td>
-<td><strong>Version (link to Security Policy)</strong></td>
-<td><strong>FIPS Certificate #</strong></td>
-<td><strong>Algorithms</strong></td>
+<td><b>Cryptographic Module</b></td>
+<td><b>Version (link to Security Policy)</b></td>
+<td><b>FIPS Certificate #</b></td>
+<td><b>Algorithms</b></td>
 </tr>
 <tr class="even">
 <td>Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll)</td>
@@ -1497,7 +1497,7 @@ Validated Editions: Standard, Datacenter, Storage Server
 <em>Other algorithms:</em> HMAC-MD5; MD5; DES; Legacy CAPI KDF; MD2; MD4; RC2; RC4; RSA (encrypt/decrypt)</td>
 </tr>
 <tr class="odd">
-<td><strong>Kernel Mode Cryptographic Primitives Library (cng.sys)</strong></td>
+<td><b>Kernel Mode Cryptographic Primitives Library (cng.sys)</b></td>
 <td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2936.pdf">10.0.14393</a></td>
 <td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2936">2936</a></td>
 <td><em>FIPS Approved algorithms:</em> AES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4064">#4064</a>); DRBG (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1217">#1217</a>); DSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#1098">#1098</a>); ECDSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#911">#911</a>); HMAC (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2651">#2651</a>); KAS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#92">#92</a>); KBKDF (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kdf#101">#101</a>); KTS (AES Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4062">#4062</a>; key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); PBKDF (vendor affirmed); RSA (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2192">#2192</a>, <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2193">#2193</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2195">#2195</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347">#3347</a>); Triple-DES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#2227">#2227</a>)<br />
@@ -1562,10 +1562,10 @@ Validated Editions: Server, Storage Server,
 <table>
 <tbody>
 <tr class="odd">
-<td><strong>Cryptographic Module</strong></td>
-<td><strong>Version (link to Security Policy)</strong></td>
-<td><strong>FIPS Certificate #</strong></td>
-<td><strong>Algorithms</strong></td>
+<td><b>Cryptographic Module</b></td>
+<td><b>Version (link to Security Policy)</b></td>
+<td><b>FIPS Certificate #</b></td>
+<td><b>Algorithms</b></td>
 </tr>
 <tr class="even">
 <td>Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll)</td>
@@ -1576,7 +1576,7 @@ Validated Editions: Server, Storage Server,
 <em>Other algorithms:</em> AES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2832">#2832</a>, key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); AES-GCM encryption (non-compliant); DES; HMAC MD5; Legacy CAPI KDF; MD2; MD4; MD5; NDRNG; RC2; RC4; RSA (encrypt/decrypt)</td>
 </tr>
 <tr class="odd">
-<td><strong>Kernel Mode Cryptographic Primitives Library (cng.sys)</strong></td>
+<td><b>Kernel Mode Cryptographic Primitives Library (cng.sys)</b></td>
 <td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp2356.pdf">6.3.9600 6.3.9600.17042</a></td>
 <td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2356">2356</a></td>
 <td><em>FIPS Approved algorithms:</em> AES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2832">#2832</a>); DRBG (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#489">#489</a>); ECDSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#505">#505</a>); HMAC (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#1773">#1773</a>); KAS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#47">#47</a>); KBKDF (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kdf#30">#30</a>); PBKDF (vendor affirmed); RSA (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1487">#1487</a>, <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1493">#1493</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1519">#1519</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2373"># 2373</a>); Triple-DES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#1692">#1692</a>)<br />
@@ -1638,10 +1638,10 @@ Validated Editions: Server, Storage Server
 <table>
 <tbody>
 <tr class="odd">
-<td><strong>Cryptographic Module</strong></td>
-<td><strong>Version (link to Security Policy)</strong></td>
-<td><strong>FIPS Certificate #</strong></td>
-<td><strong>Algorithms</strong></td>
+<td><b>Cryptographic Module</b></td>
+<td><b>Version (link to Security Policy)</b></td>
+<td><b>FIPS Certificate #</b></td>
+<td><b>Algorithms</b></td>
 </tr>
 <tr class="even">
 <td>Cryptographic Primitives Library (BCRYPTPRIMITIVES.DLL)</td>
@@ -1654,7 +1654,7 @@ Validated Editions: Server, Storage Server
 <em>Other algorithms:</em> AES (Cert. , key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); DES; Legacy CAPI KDF; MD2; MD4; MD5; HMAC MD5; RC2; RC4; RSA (encrypt/decrypt)</td>
 </tr>
 <tr class="odd">
-<td><strong>Kernel Mode Cryptographic Primitives Library (cng.sys)</strong></td>
+<td><b>Kernel Mode Cryptographic Primitives Library (cng.sys)</b></td>
 <td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1891.pdf">6.2.9200</a></td>
 <td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1891">1891</a></td>
 <td><em>FIPS Approved algorithms:</em> AES (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2197">#2197</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2216">#2216</a>); DRBG (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#258">#258</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#259">#259</a>); ECDSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#341">#341</a>); HMAC (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#1345">#1345</a>); KAS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#36">#36</a>); KBKDF (Cert. <a href="http://csrc.nist.gov/groups/stm/cavp/documents/kbkdf800-108/kbkdfval.htm#3">#3</a>); PBKDF (vendor affirmed); RNG (Cert. <a href="http://csrc.nist.gov/groups/stm/cavp/documents/rng/rnghistoricalval.html#1110">#1110</a>); RSA (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1133">#1133</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1134">#1134</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903">#1903</a>); Triple-DES (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#1387">#1387</a>)<br />
@@ -1728,10 +1728,10 @@ Validated Editions: Server, Storage Server
 <table>
 <tbody>
 <tr class="odd">
-<td><strong>Cryptographic Module</strong></td>
-<td><strong>Version (link to Security Policy)</strong></td>
-<td><strong>FIPS Certificate #</strong></td>
-<td><strong>Algorithms</strong></td>
+<td><b>Cryptographic Module</b></td>
+<td><b>Version (link to Security Policy)</b></td>
+<td><b>FIPS Certificate #</b></td>
+<td><b>Algorithms</b></td>
 </tr>
 <tr class="even">
 <td>Boot Manager (bootmgr)</td>
@@ -1742,7 +1742,7 @@ Validated Editions: Server, Storage Server
 <em>Other algorithms:</em> MD5</td>
 </tr>
 <tr class="odd">
-<td><strong>Winload OS Loader (winload.exe)</strong></td>
+<td><b>Winload OS Loader (winload.exe)</b></td>
 <td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1333.pdf">6.1.7600.16385, 6.1.7600.16757, 6.1.7600.20897, 6.1.7600.20916, 6.1.7601.17514, 6.1.7601.17556, 6.1.7601.21655 and 6.1.7601.21675</a>6.1.7600.16385, 6.1.7600.16757, 6.1.7600.20897, 6.1.7600.20916, 6.1.7601.17514, 6.1.7601.17556, 6.1.7601.21655 and 6.1.7601.21675</td>
 <td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1333">1333</a></td>
 <td><em>FIPS Approved algorithms:</em> AES (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1168">#1168</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1177">#1177</a>); RSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#568">#568</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">#1081</a>)<br />
@@ -1806,10 +1806,10 @@ Validated Editions: Server, Storage Server
 <table>
 <tbody>
 <tr class="odd">
-<td><strong>Cryptographic Module</strong></td>
-<td><strong>Version (link to Security Policy)</strong></td>
-<td><strong>FIPS Certificate #</strong></td>
-<td><strong>Algorithms</strong></td>
+<td><b>Cryptographic Module</b></td>
+<td><b>Version (link to Security Policy)</b></td>
+<td><b>FIPS Certificate #</b></td>
+<td><b>Algorithms</b></td>
 </tr>
 <tr class="even">
 <td>Boot Manager (bootmgr)</td>
@@ -1820,7 +1820,7 @@ Validated Editions: Server, Storage Server
 <em>Other algorithms:</em> N/A</td>
 </tr>
 <tr class="odd">
-<td><strong>Winload OS Loader (winload.exe)</strong></td>
+<td><b>Winload OS Loader (winload.exe)</b></td>
 <td><a href="http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140sp/140sp1005.pdf">6.0.6001.18000, 6.0.6001.18606, 6.0.6001.22861, 6.0.6002.18005, 6.0.6002.18411, 6.0.6002.22497 and 6.0.6002.22596</a>6.0.6001.18000, 6.0.6001.18606, 6.0.6001.22861, 6.0.6002.18005, 6.0.6002.18411, 6.0.6002.22497 and 6.0.6002.22596</td>
 <td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1005">1005</a></td>
 <td><em>FIPS Approved algorithms:</em> AES (Certs. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#739">#739</a> and <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#760">#760</a>); RSA (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#355">#355</a>); SHS (Cert. <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">#753</a>)<br />
@@ -1884,10 +1884,10 @@ Validated Editions: Server, Storage Server
 </colgroup>
 <tbody>
 <tr class="odd">
-<td><strong>Cryptographic Module</strong></td>
-<td><strong>Version (link to Security Policy)</strong></td>
-<td><strong>FIPS Certificate #</strong></td>
-<td><strong>Algorithms</strong></td>
+<td><b>Cryptographic Module</b></td>
+<td><b>Version (link to Security Policy)</b></td>
+<td><b>FIPS Certificate #</b></td>
+<td><b>Algorithms</b></td>
 </tr>
 <tr class="even">
 <td>Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH)</td>
@@ -1925,10 +1925,10 @@ Validated Editions: Server, Storage Server
 </colgroup>
 <tbody>
 <tr class="odd">
-<td><strong>Cryptographic Module</strong></td>
-<td><strong>Version (link to Security Policy)</strong></td>
-<td><strong>FIPS Certificate #</strong></td>
-<td><strong>Algorithms</strong></td>
+<td><b>Cryptographic Module</b></td>
+<td><b>Version (link to Security Policy)</b></td>
+<td><b>FIPS Certificate #</b></td>
+<td><b>Algorithms</b></td>
 </tr>
 <tr class="even">
 <td>Kernel Mode Cryptographic Module (FIPS.SYS)</td>
@@ -1972,10 +1972,10 @@ Validated Editions: Server, Storage Server
 </colgroup>
 <tbody>
 <tr class="odd">
-<td><strong>Cryptographic Module</strong></td>
-<td><strong>Version (link to Security Policy)</strong></td>
-<td><strong>FIPS Certificate #</strong></td>
-<td><strong>Algorithms</strong></td>
+<td><b>Cryptographic Module</b></td>
+<td><b>Version (link to Security Policy)</b></td>
+<td><b>FIPS Certificate #</b></td>
+<td><b>Algorithms</b></td>
 </tr>
 <tr class="even">
 <td>Kernel Mode Cryptographic Module (FIPS.SYS)</td>
@@ -2021,10 +2021,10 @@ Validated Editions: Server, Storage Server
 </colgroup>
 <tbody>
 <tr class="odd">
-<td><strong>Cryptographic Module</strong></td>
-<td><strong>Version (link to Security Policy)</strong></td>
-<td><strong>FIPS Certificate #</strong></td>
-<td><strong>Algorithms</strong></td>
+<td><b>Cryptographic Module</b></td>
+<td><b>Version (link to Security Policy)</b></td>
+<td><b>FIPS Certificate #</b></td>
+<td><b>Algorithms</b></td>
 </tr>
 <tr class="even">
 <td>Enhanced Cryptographic Provider</td>
@@ -2056,10 +2056,10 @@ Validated Editions: Server, Storage Server
 </colgroup>
 <tbody>
 <tr class="odd">
-<td><strong>Cryptographic Module</strong></td>
-<td><strong>Version (link to Security Policy)</strong></td>
-<td><strong>FIPS Certificate #</strong></td>
-<td><strong>Algorithms</strong></td>
+<td><b>Cryptographic Module</b></td>
+<td><b>Version (link to Security Policy)</b></td>
+<td><b>FIPS Certificate #</b></td>
+<td><b>Algorithms</b></td>
 </tr>
 <tr class="even">
 <td>Enhanced Cryptographic Provider</td>
@@ -2083,10 +2083,10 @@ Validated Editions: Server, Storage Server
 </colgroup>
 <tbody>
 <tr class="odd">
-<td><strong>Cryptographic Module</strong></td>
-<td><strong>Version (link to Security Policy)</strong></td>
-<td><strong>FIPS Certificate #</strong></td>
-<td><strong>Algorithms</strong></td>
+<td><b>Cryptographic Module</b></td>
+<td><b>Version (link to Security Policy)</b></td>
+<td><b>FIPS Certificate #</b></td>
+<td><b>Algorithms</b></td>
 </tr>
 <tr class="even">
 <td>Outlook Cryptographic Provider (EXCHCSP)</td>
@@ -2113,8 +2113,8 @@ The following tables are organized by cryptographic algorithms with their modes,
 </colgroup>
 <tbody>
 <tr class="odd">
-<td><strong>Modes / States / Key Sizes</strong></td>
-<td><strong>Algorithm Implementation and Certificate #</strong></td>
+<td><b>Modes / States / Key Sizes</b></td>
+<td><b>Algorithm Implementation and Certificate #</b></td>
 </tr>
 <tr class="even">
 <td><ul>
@@ -2563,137 +2563,137 @@ The following tables are organized by cryptographic algorithms with their modes,
 <p>Version 10.0.16299</p></td>
 </tr>
 <tr class="odd">
-<td><p><strong>CBC</strong> ( e/d; 128 , 192 , 256 );</p>
-<p><strong>CFB128</strong> ( e/d; 128 , 192 , 256 );</p>
-<p><strong>OFB</strong> ( e/d; 128 , 192 , 256 );</p>
-<p><strong>CTR</strong> ( int only; 128 , 192 , 256 )</p></td>
+<td><p><b>CBC</b> ( e/d; 128 , 192 , 256 );</p>
+<p><b>CFB128</b> ( e/d; 128 , 192 , 256 );</p>
+<p><b>OFB</b> ( e/d; 128 , 192 , 256 );</p>
+<p><b>CTR</b> ( int only; 128 , 192 , 256 )</p></td>
 <td><p>Windows 10 Creators Update (version 1703) Pro, Enterprise, Education Virtual TPM Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4627">#4627</a></p>
 <p>Version 10.0.15063</p></td>
 </tr>
 <tr class="even">
-<td><p><strong>KW</strong> ( AE , AD , AES-128 , AES-192 , AES-256 , FWD , 128 , 256 , 192 , 320 , 2048 )</p>
+<td><p><b>KW</b> ( AE , AD , AES-128 , AES-192 , AES-256 , FWD , 128 , 256 , 192 , 320 , 2048 )</p>
 <p>AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4624">Val#4624</a></p></td>
 <td><p>Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile Cryptography Next Generation (CNG) Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4626">#4626</a></p>
 <p>Version 10.0.15063</p></td>
 </tr>
 <tr class="odd">
-<td><p><strong>CCM</strong> (KS: 256 ) (Assoc. Data Len Range: 0 - 0 , 2^16 ) (Payload Length Range: 0 - 32 ( Nonce Length(s): 12 (Tag Length(s): 16 )</p>
+<td><p><b>CCM</b> (KS: 256 ) (Assoc. Data Len Range: 0 - 0 , 2^16 ) (Payload Length Range: 0 - 32 ( Nonce Length(s): 12 (Tag Length(s): 16 )</p>
 <p>AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4624">Val#4624</a></p>
 <p> </p></td>
 <td><p>Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile BitLocker(R) Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4625">#4625</a></p>
 <p>Version 10.0.15063</p></td>
 </tr>
 <tr class="even">
-<td><p><strong>ECB</strong> ( e/d; 128 , 192 , 256 );</p>
-<p><strong>CBC</strong> ( e/d; 128 , 192 , 256 );</p>
-<p><strong>CFB8</strong> ( e/d; 128 , 192 , 256 );</p>
-<p><strong>CFB128</strong> ( e/d; 128 , 192 , 256 );</p>
-<p><strong>CTR</strong> ( int only; 128 , 192 , 256 )</p>
-<p><strong>CCM</strong> (KS: 128 , 192 , 256 ) (Assoc. Data Len Range: 0 - 0 , 2^16 ) (Payload Length Range: 0 - 32 ( Nonce Length(s): 7 8 9 10 11 12 13 (Tag Length(s): 4 6 8 10 12 14 16 )</p>
-<p><strong>CMAC</strong> (Generation/Verification ) (KS: 128; Block Size(s): Full / Partial ; Msg Len(s) Min: 0 Max: 2^16 ; Tag Len(s) Min: 16 Max: 16 ) (KS: 192; Block Size(s): Full / Partial ; Msg Len(s) Min: 0 Max: 2^16 ; Tag Len(s) Min: 16 Max: 16 ) (KS: 256; Block Size(s): Full / Partial ; Msg Len(s) Min: 0 Max: 2^16 ; Tag Len(s) Min: 16 Max: 16 )</p>
-<p><strong>GCM</strong> (KS: AES_128( e/d ) Tag Length(s): 128 120 112 104 96 ) (KS: AES_192( e/d ) Tag Length(s): 128 120 112 104 96 )</p>
+<td><p><b>ECB</b> ( e/d; 128 , 192 , 256 );</p>
+<p><b>CBC</b> ( e/d; 128 , 192 , 256 );</p>
+<p><b>CFB8</b> ( e/d; 128 , 192 , 256 );</p>
+<p><b>CFB128</b> ( e/d; 128 , 192 , 256 );</p>
+<p><b>CTR</b> ( int only; 128 , 192 , 256 )</p>
+<p><b>CCM</b> (KS: 128 , 192 , 256 ) (Assoc. Data Len Range: 0 - 0 , 2^16 ) (Payload Length Range: 0 - 32 ( Nonce Length(s): 7 8 9 10 11 12 13 (Tag Length(s): 4 6 8 10 12 14 16 )</p>
+<p><b>CMAC</b> (Generation/Verification ) (KS: 128; Block Size(s): Full / Partial ; Msg Len(s) Min: 0 Max: 2^16 ; Tag Len(s) Min: 16 Max: 16 ) (KS: 192; Block Size(s): Full / Partial ; Msg Len(s) Min: 0 Max: 2^16 ; Tag Len(s) Min: 16 Max: 16 ) (KS: 256; Block Size(s): Full / Partial ; Msg Len(s) Min: 0 Max: 2^16 ; Tag Len(s) Min: 16 Max: 16 )</p>
+<p><b>GCM</b> (KS: AES_128( e/d ) Tag Length(s): 128 120 112 104 96 ) (KS: AES_192( e/d ) Tag Length(s): 128 120 112 104 96 )</p>
 <p>(KS: AES_256( e/d ) Tag Length(s): 128 120 112 104 96 )</p>
 <p>IV Generated: ( External ) ; PT Lengths Tested: ( 0 , 1024 , 8 , 1016 ) ; AAD Lengths tested: ( 0 , 1024 , 8 , 1016 ) ; 96BitIV_Supported</p>
 <p>GMAC_Supported</p>
-<p><strong>XTS</strong>( (KS: XTS_128( (e/d) (f) ) KS: XTS_256( (e/d) (f) )</p></td>
+<p><b>XTS</b>( (KS: XTS_128( (e/d) (f) ) KS: XTS_256( (e/d) (f) )</p></td>
 <td><p>Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4624">#4624</a></p>
 <p>Version 10.0.15063</p></td>
 </tr>
 <tr class="odd">
-<td><p><strong>ECB</strong> ( e/d; 128 , 192 , 256 );</p>
-<p><strong>CBC</strong> ( e/d; 128 , 192 , 256 );</p></td>
+<td><p><b>ECB</b> ( e/d; 128 , 192 , 256 );</p>
+<p><b>CBC</b> ( e/d; 128 , 192 , 256 );</p></td>
 <td><p>Windows Embedded Compact Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4434">#4434</a></p>
 <p>Version 7.00.2872</p></td>
 </tr>
 <tr class="even">
-<td><p><strong>ECB</strong> ( e/d; 128 , 192 , 256 );</p>
-<p><strong>CBC</strong> ( e/d; 128 , 192 , 256 );</p></td>
+<td><p><b>ECB</b> ( e/d; 128 , 192 , 256 );</p>
+<p><b>CBC</b> ( e/d; 128 , 192 , 256 );</p></td>
 <td><p>Windows Embedded Compact Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4433">#4433</a></p>
 <p>Version 8.00.6246</p></td>
 </tr>
 <tr class="odd">
-<td><p><strong>ECB</strong> ( e/d; 128 , 192 , 256 );</p>
-<p><strong>CBC</strong> ( e/d; 128 , 192 , 256 );</p>
-<p><strong>CTR</strong> ( int only; 128 , 192 , 256 )</p></td>
+<td><p><b>ECB</b> ( e/d; 128 , 192 , 256 );</p>
+<p><b>CBC</b> ( e/d; 128 , 192 , 256 );</p>
+<p><b>CTR</b> ( int only; 128 , 192 , 256 )</p></td>
 <td><p>Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4431">#4431</a></p>
 <p>Version 7.00.2872</p></td>
 </tr>
 <tr class="even">
-<td><p><strong>ECB</strong> ( e/d; 128 , 192 , 256 );</p>
-<p><strong>CBC</strong> ( e/d; 128 , 192 , 256 );</p>
-<p><strong>CTR</strong> ( int only; 128 , 192 , 256 )</p></td>
+<td><p><b>ECB</b> ( e/d; 128 , 192 , 256 );</p>
+<p><b>CBC</b> ( e/d; 128 , 192 , 256 );</p>
+<p><b>CTR</b> ( int only; 128 , 192 , 256 )</p></td>
 <td><p>Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4430">#4430</a></p>
 <p>Version 8.00.6246</p></td>
 </tr>
 <tr class="odd">
-<td><p><strong>CBC</strong> ( e/d; 128 , 192 , 256 );</p>
-<p><strong>CFB128</strong> ( e/d; 128 , 192 , 256 );</p>
-<p><strong>OFB</strong> ( e/d; 128 , 192 , 256 );</p>
-<p><strong>CTR</strong> ( int only; 128 , 192 , 256 )</p></td>
+<td><p><b>CBC</b> ( e/d; 128 , 192 , 256 );</p>
+<p><b>CFB128</b> ( e/d; 128 , 192 , 256 );</p>
+<p><b>OFB</b> ( e/d; 128 , 192 , 256 );</p>
+<p><b>CTR</b> ( int only; 128 , 192 , 256 )</p></td>
 <td><p>Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4 and Surface Pro 3 w/ Windows 10 Anniversary Update Virtual TPM Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4074">#4074</a></p>
 <p>Version 10.0.14393</p></td>
 </tr>
 <tr class="even">
-<td><p><strong>ECB</strong> ( e/d; 128 , 192 , 256 ); <strong>CBC</strong> ( e/d; 128 , 192 , 256 ); <strong>CFB8</strong> ( e/d; 128 , 192 , 256 ); <strong>CFB128</strong> ( e/d; 128 , 192 , 256 ); <strong>CTR</strong> ( int only; 128 , 192 , 256 )</p>
-<p><strong>CCM</strong> (KS: 128 , 192 , 256 ) (Assoc. Data Len Range: 0 - 0 , 2^16 ) (Payload Length Range: 0 - 32 ( Nonce Length(s): 7 8 9 10 11 12 13 (Tag Length(s): 4 6 8 10 12 14 16 )</p>
-<p><strong>CMAC (Generation/Verification )</strong> (KS: 128; Block Size(s): Full / Partial ; Msg Len(s) Min: 0 Max: 2^16 ; Tag Len(s) Min: 0 Max: 16 ) (KS: 192; Block Size(s): Full / Partial ; Msg Len(s) Min: 0 Max: 2^16 ; Tag Len(s) Min: 0 Max: 16 ) (KS: 256; Block Size(s): Full / Partial ; Msg Len(s) Min: 0 Max: 2^16 ; Tag Len(s) Min: 0 Max: 16 )</p>
-<p><strong>GCM</strong> (KS: AES_128( e/d ) Tag Length(s): 128 120 112 104 96 ) (KS: AES_192( e/d ) Tag Length(s): 128 120 112 104 96 )<br />
+<td><p><b>ECB</b> ( e/d; 128 , 192 , 256 ); <b>CBC</b> ( e/d; 128 , 192 , 256 ); <b>CFB8</b> ( e/d; 128 , 192 , 256 ); <b>CFB128</b> ( e/d; 128 , 192 , 256 ); <b>CTR</b> ( int only; 128 , 192 , 256 )</p>
+<p><b>CCM</b> (KS: 128 , 192 , 256 ) (Assoc. Data Len Range: 0 - 0 , 2^16 ) (Payload Length Range: 0 - 32 ( Nonce Length(s): 7 8 9 10 11 12 13 (Tag Length(s): 4 6 8 10 12 14 16 )</p>
+<p><b>CMAC (Generation/Verification )</b> (KS: 128; Block Size(s): Full / Partial ; Msg Len(s) Min: 0 Max: 2^16 ; Tag Len(s) Min: 0 Max: 16 ) (KS: 192; Block Size(s): Full / Partial ; Msg Len(s) Min: 0 Max: 2^16 ; Tag Len(s) Min: 0 Max: 16 ) (KS: 256; Block Size(s): Full / Partial ; Msg Len(s) Min: 0 Max: 2^16 ; Tag Len(s) Min: 0 Max: 16 )</p>
+<p><b>GCM</b> (KS: AES_128( e/d ) Tag Length(s): 128 120 112 104 96 ) (KS: AES_192( e/d ) Tag Length(s): 128 120 112 104 96 )<br />
 (KS: AES_256( e/d ) Tag Length(s): 128 120 112 104 96 )<br />
-<strong>IV Generated:</strong>  ( Externally ) ; PT Lengths Tested:  ( 0 , 1024 , 8 , 1016 ) ; AAD Lengths tested:  ( 0 , 1024 , 8 , 1016 ) ; IV Lengths Tested:  ( 0 , 0 ) ; 96BitIV_Supported<br />
+<b>IV Generated:</b>  ( Externally ) ; PT Lengths Tested:  ( 0 , 1024 , 8 , 1016 ) ; AAD Lengths tested:  ( 0 , 1024 , 8 , 1016 ) ; IV Lengths Tested:  ( 0 , 0 ) ; 96BitIV_Supported<br />
 GMAC_Supported</p>
-<p><strong>XTS( (KS: XTS_128</strong>( (e/d) (f) ) <strong>KS: XTS_256</strong>( (e/d) (f) )</p></td>
+<p><b>XTS( (KS: XTS_128</b>( (e/d) (f) ) <b>KS: XTS_256</b>( (e/d) (f) )</p></td>
 <td><p>Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4064">#4064</a></p>
 <p>Version 10.0.14393</p></td>
 </tr>
 <tr class="odd">
-<td><p><strong>ECB</strong> ( e/d; 128 , 192 , 256 );</p>
-<p><strong>CBC</strong> ( e/d; 128 , 192 , 256 );</p>
-<p><strong>CFB8</strong> ( e/d; 128 , 192 , 256 );</p>
+<td><p><b>ECB</b> ( e/d; 128 , 192 , 256 );</p>
+<p><b>CBC</b> ( e/d; 128 , 192 , 256 );</p>
+<p><b>CFB8</b> ( e/d; 128 , 192 , 256 );</p>
 <p> </p></td>
 <td>Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update RSA32 Algorithm Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4063">#4063</a><br />
 Version 10.0.14393</td>
 </tr>
 <tr class="even">
-<td><p><strong>KW</strong>  ( AE , AD , AES-128 , AES-192 , AES-256 , FWD , 128 , 192 , 256 , 320 , 2048 )</p>
+<td><p><b>KW</b>  ( AE , AD , AES-128 , AES-192 , AES-256 , FWD , 128 , 192 , 256 , 320 , 2048 )</p>
 <p>AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4064">Val#4064</a></p></td>
 <td><p>Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update Cryptography Next Generation (CNG) Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4062">#4062</a></p>
 <p>Version 10.0.14393</p></td>
 </tr>
 <tr class="odd">
-<td><p><strong>CCM</strong> (KS: 256 ) (Assoc. Data Len Range: 0 - 0 , 2^16 ) (Payload Length Range: 0 - 32 ( Nonce Length(s): 12 (Tag Length(s): 16 )</p>
+<td><p><b>CCM</b> (KS: 256 ) (Assoc. Data Len Range: 0 - 0 , 2^16 ) (Payload Length Range: 0 - 32 ( Nonce Length(s): 12 (Tag Length(s): 16 )</p>
 <p>AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4064">Val#4064</a></p></td>
 <td><p>Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update BitLocker® Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4061">#4061</a></p>
 <p>Version 10.0.14393</p></td>
 </tr>
 <tr class="even">
-<td><p><strong>KW</strong>  ( AE , AD , AES-128 , AES-192 , AES-256 , FWD , 128 , 256 , 192 , 320 , 2048 )</p>
+<td><p><b>KW</b>  ( AE , AD , AES-128 , AES-192 , AES-256 , FWD , 128 , 256 , 192 , 320 , 2048 )</p>
 <p>AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3629">Val#3629</a></p></td>
 <td><p>Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub 84” and Surface Hub 55” Cryptography Next Generation (CNG) Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3652">#3652</a></p>
 <p>Version 10.0.10586</p></td>
 </tr>
 <tr class="odd">
-<td><p><strong>CCM</strong> (KS: 256 ) (Assoc. Data Len Range: 0 - 0 , 2^16 ) (Payload Length Range: 0 - 32 ( Nonce Length(s): 12 (Tag Length(s): 16 )</p>
+<td><p><b>CCM</b> (KS: 256 ) (Assoc. Data Len Range: 0 - 0 , 2^16 ) (Payload Length Range: 0 - 32 ( Nonce Length(s): 12 (Tag Length(s): 16 )</p>
 <p>AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3629">Val#3629</a></p></td>
 <td><p>Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub 84” and Surface Hub 55” BitLocker® Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3653">#3653</a></p>
 <p>Version 10.0.10586</p></td>
 </tr>
 <tr class="even">
-<td><p><strong>ECB</strong> ( e/d; 128 , 192 , 256 );</p>
-<p><strong>CBC</strong> ( e/d; 128 , 192 , 256 );</p>
-<p><strong>CFB8</strong> ( e/d; 128 , 192 , 256 );</p>
+<td><p><b>ECB</b> ( e/d; 128 , 192 , 256 );</p>
+<p><b>CBC</b> ( e/d; 128 , 192 , 256 );</p>
+<p><b>CFB8</b> ( e/d; 128 , 192 , 256 );</p>
 <p> </p></td>
 <td>Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub 84” and Surface Hub 55” RSA32 Algorithm Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3630">#3630</a><br />
 Version 10.0.10586</td>
 </tr>
 <tr class="odd">
-<td><p><strong>ECB</strong> ( e/d; 128 , 192 , 256 ); <strong>CBC</strong> ( e/d; 128 , 192 , 256 ); <strong>CFB8</strong> ( e/d; 128 , 192 , 256 ); <strong>CFB128</strong> ( e/d; 128 , 192 , 256 ); <strong>CTR</strong> ( int only; 128 , 192 , 256 )</p>
-<p><strong>CCM</strong> (KS: 128 , 192 , 256 ) (Assoc. Data Len Range: 0 - 0 , 2^16 ) (Payload Length Range: 0 - 32 ( Nonce Length(s): 7 8 9 10 11 12 13 (Tag Length(s): 4 6 8 10 12 14 16 )</p>
-<p><strong>CMAC (Generation/Verification )</strong> (KS: 128; Block Size(s): Full / Partial ; Msg Len(s) Min: 0 Max: 2^16 ; Tag Len(s) Min: 0 Max: 16 ) (KS: 192; Block Size(s): Full / Partial ; Msg Len(s) Min: 0 Max: 2^16 ; Tag Len(s) Min: 0 Max: 16 ) (KS: 256; Block Size(s): Full / Partial ; Msg Len(s) Min: 0 Max: 2^16 ; Tag Len(s) Min: 0 Max: 16 )</p>
-<p><strong>GCM</strong> (KS: AES_128( e/d ) Tag Length(s): 128 120 112 104 96 ) (KS: AES_192( e/d ) Tag Length(s): 128 120 112 104 96 )<br />
+<td><p><b>ECB</b> ( e/d; 128 , 192 , 256 ); <b>CBC</b> ( e/d; 128 , 192 , 256 ); <b>CFB8</b> ( e/d; 128 , 192 , 256 ); <b>CFB128</b> ( e/d; 128 , 192 , 256 ); <b>CTR</b> ( int only; 128 , 192 , 256 )</p>
+<p><b>CCM</b> (KS: 128 , 192 , 256 ) (Assoc. Data Len Range: 0 - 0 , 2^16 ) (Payload Length Range: 0 - 32 ( Nonce Length(s): 7 8 9 10 11 12 13 (Tag Length(s): 4 6 8 10 12 14 16 )</p>
+<p><b>CMAC (Generation/Verification )</b> (KS: 128; Block Size(s): Full / Partial ; Msg Len(s) Min: 0 Max: 2^16 ; Tag Len(s) Min: 0 Max: 16 ) (KS: 192; Block Size(s): Full / Partial ; Msg Len(s) Min: 0 Max: 2^16 ; Tag Len(s) Min: 0 Max: 16 ) (KS: 256; Block Size(s): Full / Partial ; Msg Len(s) Min: 0 Max: 2^16 ; Tag Len(s) Min: 0 Max: 16 )</p>
+<p><b>GCM</b> (KS: AES_128( e/d ) Tag Length(s): 128 120 112 104 96 ) (KS: AES_192( e/d ) Tag Length(s): 128 120 112 104 96 )<br />
 (KS: AES_256( e/d ) Tag Length(s): 128 120 112 104 96 )<br />
-<strong>IV Generated:</strong>  ( Externally ) ; PT Lengths Tested:  ( 0 , 1024 , 8 , 1016 ) ; AAD Lengths tested:  ( 0 , 1024 , 8 , 1016 ) ; IV Lengths Tested:  ( 0 , 0 ) ; 96BitIV_Supported<br />
+<b>IV Generated:</b>  ( Externally ) ; PT Lengths Tested:  ( 0 , 1024 , 8 , 1016 ) ; AAD Lengths tested:  ( 0 , 1024 , 8 , 1016 ) ; IV Lengths Tested:  ( 0 , 0 ) ; 96BitIV_Supported<br />
 GMAC_Supported</p>
-<p><strong>XTS( (KS: XTS_128</strong>( (e/d) (f) ) <strong>KS: XTS_256</strong>( (e/d) (f) )</p></td>
+<p><b>XTS( (KS: XTS_128</b>( (e/d) (f) ) <b>KS: XTS_256</b>( (e/d) (f) )</p></td>
 <td><p>Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub 84” and Surface Hub 55” SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3629">#3629</a><br />
 <br />
 </p>
@@ -2706,141 +2706,141 @@ GMAC_Supported</p>
 <p>Version 10.0.10240</p></td>
 </tr>
 <tr class="odd">
-<td><p><strong>CCM</strong> (KS: 256 ) (Assoc. Data Len Range: 0 - 0 , 2^16 ) (Payload Length Range: 0 - 32 ( Nonce Length(s): 12 (Tag Length(s): 16 )</p>
+<td><p><b>CCM</b> (KS: 256 ) (Assoc. Data Len Range: 0 - 0 , 2^16 ) (Payload Length Range: 0 - 32 ( Nonce Length(s): 12 (Tag Length(s): 16 )</p>
 <p>AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3497">Val#3497</a></p></td>
 <td><p>Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 BitLocker® Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3498">#3498</a></p>
 <p>Version 10.0.10240</p></td>
 </tr>
 <tr class="even">
-<td><p><strong>ECB</strong> ( e/d; 128 , 192 , 256 ); <strong>CBC</strong> ( e/d; 128 , 192 , 256 ); <strong>CFB8</strong> ( e/d; 128 , 192 , 256 ); <strong>CFB128</strong> ( e/d; 128 , 192 , 256 ); <strong>CTR</strong> ( int only; 128 , 192 , 256 )</p>
-<p><strong>CCM</strong> (KS: 128 , 192 , 256 ) (Assoc. Data Len Range: 0 - 0 , 2^16 ) (Payload Length Range: 0 - 32 ( Nonce Length(s): 7 8 9 10 11 12 13 (Tag Length(s): 4 6 8 10 12 14 16 )</p>
-<p><strong>CMAC(Generation/Verification )</strong> (KS: 128; Block Size(s): Full / Partial ; Msg Len(s) Min: 0 Max: 2^16 ; Tag Len(s) Min: 0 Max: 16 ) (KS: 192; Block Size(s): Full / Partial ; Msg Len(s) Min: 0 Max: 2^16 ; Tag Len(s) Min: 0 Max: 16 ) (KS: 256; Block Size(s): Full / Partial ; Msg Len(s) Min: 0 Max: 2^16 ; Tag Len(s) Min: 0 Max: 16 )</p>
-<p><strong>GCM</strong> (KS: AES_128( e/d ) Tag Length(s): 128 120 112 104 96 ) (KS: AES_192( e/d ) Tag Length(s): 128 120 112 104 96 )<br />
+<td><p><b>ECB</b> ( e/d; 128 , 192 , 256 ); <b>CBC</b> ( e/d; 128 , 192 , 256 ); <b>CFB8</b> ( e/d; 128 , 192 , 256 ); <b>CFB128</b> ( e/d; 128 , 192 , 256 ); <b>CTR</b> ( int only; 128 , 192 , 256 )</p>
+<p><b>CCM</b> (KS: 128 , 192 , 256 ) (Assoc. Data Len Range: 0 - 0 , 2^16 ) (Payload Length Range: 0 - 32 ( Nonce Length(s): 7 8 9 10 11 12 13 (Tag Length(s): 4 6 8 10 12 14 16 )</p>
+<p><b>CMAC(Generation/Verification )</b> (KS: 128; Block Size(s): Full / Partial ; Msg Len(s) Min: 0 Max: 2^16 ; Tag Len(s) Min: 0 Max: 16 ) (KS: 192; Block Size(s): Full / Partial ; Msg Len(s) Min: 0 Max: 2^16 ; Tag Len(s) Min: 0 Max: 16 ) (KS: 256; Block Size(s): Full / Partial ; Msg Len(s) Min: 0 Max: 2^16 ; Tag Len(s) Min: 0 Max: 16 )</p>
+<p><b>GCM</b> (KS: AES_128( e/d ) Tag Length(s): 128 120 112 104 96 ) (KS: AES_192( e/d ) Tag Length(s): 128 120 112 104 96 )<br />
 (KS: AES_256( e/d ) Tag Length(s): 128 120 112 104 96 )<br />
-<strong>IV Generated:</strong>  ( Externally ) ; PT Lengths Tested:  ( 0 , 1024 , 8 , 1016 ) ; AAD Lengths tested:  ( 0 , 1024 , 8 , 1016 ) ; IV Lengths Tested:  ( 0 , 0 ) ; 96BitIV_Supported<br />
+<b>IV Generated:</b>  ( Externally ) ; PT Lengths Tested:  ( 0 , 1024 , 8 , 1016 ) ; AAD Lengths tested:  ( 0 , 1024 , 8 , 1016 ) ; IV Lengths Tested:  ( 0 , 0 ) ; 96BitIV_Supported<br />
 GMAC_Supported</p>
-<p><strong>XTS( (KS: XTS_128</strong>( (e/d) (f) ) <strong>KS: XTS_256</strong>( (e/d) (f) )</p></td>
+<p><b>XTS( (KS: XTS_128</b>( (e/d) (f) ) <b>KS: XTS_256</b>( (e/d) (f) )</p></td>
 <td>Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3497">#3497</a><br />
 Version 10.0.10240</td>
 </tr>
 <tr class="odd">
-<td><p><strong>ECB</strong> ( e/d; 128 , 192 , 256 );</p>
-<p><strong>CBC</strong> ( e/d; 128 , 192 , 256 );</p>
-<p><strong>CFB8</strong> ( e/d; 128 , 192 , 256 );</p>
+<td><p><b>ECB</b> ( e/d; 128 , 192 , 256 );</p>
+<p><b>CBC</b> ( e/d; 128 , 192 , 256 );</p>
+<p><b>CFB8</b> ( e/d; 128 , 192 , 256 );</p>
 <p> </p></td>
 <td>Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 RSA32 Algorithm Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3476">#3476</a><br />
 Version 10.0.10240</td>
 </tr>
 <tr class="even">
-<td><p><strong>ECB</strong> ( e/d; 128 , 192 , 256 );</p>
-<p><strong>CBC</strong> ( e/d; 128 , 192 , 256 );</p>
-<p><strong>CFB8</strong> ( e/d; 128 , 192 , 256 );</p>
+<td><p><b>ECB</b> ( e/d; 128 , 192 , 256 );</p>
+<p><b>CBC</b> ( e/d; 128 , 192 , 256 );</p>
+<p><b>CFB8</b> ( e/d; 128 , 192 , 256 );</p>
 <p> </p></td>
 <td><p>Microsoft Windows 8.1, Microsoft Windows Server 2012 R2, Microsoft Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry RSA32 Algorithm Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2853">#2853</a></p>
 <p>Version 6.3.9600</p></td>
 </tr>
 <tr class="odd">
-<td><p><strong>CCM (KS: 256 )</strong> (Assoc. Data Len Range: 0 - 0 , 2^16 ) (Payload Length Range: 0 - 32 ( Nonce Length(s): 12 (Tag Length(s): 16 )</p>
+<td><p><b>CCM (KS: 256 )</b> (Assoc. Data Len Range: 0 - 0 , 2^16 ) (Payload Length Range: 0 - 32 ( Nonce Length(s): 12 (Tag Length(s): 16 )</p>
 <p>AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2832">Val#2832</a></p></td>
 <td><p>Microsoft Windows 8.1, Microsoft Windows Server 2012 R2, Microsoft Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry and Microsoft StorSimple 8100 BitLocker� Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2848">#2848</a></p>
 <p>Version 6.3.9600</p></td>
 </tr>
 <tr class="even">
-<td><p><strong>CCM (KS: 128 , 192 , 256 )</strong> (Assoc. Data Len Range: 0 - 0 , 2^16 ) (Payload Length Range: 0 - 0 ( Nonce Length(s): 7 8 9 10 11 12 13 (Tag Length(s): 4 6 8 10 12 14 16 )</p>
-<p><strong>CMAC (Generation/Verification ) (KS: 128</strong>; Block Size(s): Full / Partial ; Msg Len(s) Min: 0 Max: 2^16 ; Tag Len(s) Min: 0 Max: 16 ) (KS: 192; Block Size(s): Full / Partial ; Msg Len(s) Min: 0 Max: 2^16 ; Tag Len(s) Min: 0 Max: 16 ) (KS: 256; Block Size(s): Full / Partial ; Msg Len(s) Min: 0 Max: 2^16 ; Tag Len(s) Min: 0 Max: 16 )</p>
-<p><strong>GCM (KS: AES_128</strong>( e/d ) Tag Length(s): 128 120 112 104 96 ) (KS: AES_192( e/d ) Tag Length(s): 128 120 112 104 96 )</p>
-<p><strong>(KS: AES_256</strong>( e/d ) Tag Length(s): 128 120 112 104 96 )</p>
-<p><strong>IV Generated:</strong>  ( Externally ) ; PT Lengths Tested:  ( 0 , 128 , 1024 , 8 , 1016 ) ; AAD Lengths tested:  ( 0 , 128 , 1024 , 8 , 1016 ) ; IV Lengths Tested:  ( 8 , 1024 ) ; 96BitIV_Supported ;<br />
-<strong>OtherIVLen_Supported<br />
-GMAC_Supported</strong></p></td>
+<td><p><b>CCM (KS: 128 , 192 , 256 )</b> (Assoc. Data Len Range: 0 - 0 , 2^16 ) (Payload Length Range: 0 - 0 ( Nonce Length(s): 7 8 9 10 11 12 13 (Tag Length(s): 4 6 8 10 12 14 16 )</p>
+<p><b>CMAC (Generation/Verification ) (KS: 128</b>; Block Size(s): Full / Partial ; Msg Len(s) Min: 0 Max: 2^16 ; Tag Len(s) Min: 0 Max: 16 ) (KS: 192; Block Size(s): Full / Partial ; Msg Len(s) Min: 0 Max: 2^16 ; Tag Len(s) Min: 0 Max: 16 ) (KS: 256; Block Size(s): Full / Partial ; Msg Len(s) Min: 0 Max: 2^16 ; Tag Len(s) Min: 0 Max: 16 )</p>
+<p><b>GCM (KS: AES_128</b>( e/d ) Tag Length(s): 128 120 112 104 96 ) (KS: AES_192( e/d ) Tag Length(s): 128 120 112 104 96 )</p>
+<p><b>(KS: AES_256</b>( e/d ) Tag Length(s): 128 120 112 104 96 )</p>
+<p><b>IV Generated:</b>  ( Externally ) ; PT Lengths Tested:  ( 0 , 128 , 1024 , 8 , 1016 ) ; AAD Lengths tested:  ( 0 , 128 , 1024 , 8 , 1016 ) ; IV Lengths Tested:  ( 8 , 1024 ) ; 96BitIV_Supported ;<br />
+<b>OtherIVLen_Supported<br />
+GMAC_Supported</b></p></td>
 <td><p>Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry and Microsoft StorSimple 8100 SymCrypt Cryptographic Implementations #<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2832">2832</a></p>
 <p>Version 6.3.9600</p></td>
 </tr>
 <tr class="odd">
-<td><p><strong>CCM (KS: 128 , 192 , 256</strong> ) <strong>(Assoc. Data Len Range</strong>: 0 - 0 , 2^16 ) <strong>(Payload Length Range</strong>: 0 - 32 ( <strong>Nonce Length(s)</strong>: 7 8 9 10 11 12 13 <strong>(Tag Length(s)</strong>: 4 6 8 10 12 14 16 )<br />
+<td><p><b>CCM (KS: 128 , 192 , 256</b> ) <b>(Assoc. Data Len Range</b>: 0 - 0 , 2^16 ) <b>(Payload Length Range</b>: 0 - 32 ( <b>Nonce Length(s)</b>: 7 8 9 10 11 12 13 <b>(Tag Length(s)</b>: 4 6 8 10 12 14 16 )<br />
 AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2197">Val#2197</a></p>
-<p><strong>CMAC</strong> (Generation/Verification ) <strong>(KS: 128;</strong> Block Size(s): ; <strong>Msg Len(s)</strong> Min: 0 Max: 2^16 ; <strong>Tag Len(s)</strong> Min: 16 Max: 16 ) <strong>(KS: 192</strong>; Block Size(s): ; <strong>Msg Len(s)</strong> Min: 0 Max: 2^16 ; <strong>Tag Len(s)</strong> Min: 16 Max: 16 ) <strong>(KS: 256</strong>; Block Size(s): ; <strong>Msg Len(s)</strong> Min: 0 Max: 2^16 ; <strong>Tag Len(s)</strong> Min: 16 Max: 16 )<br />
+<p><b>CMAC</b> (Generation/Verification ) <b>(KS: 128;</b> Block Size(s): ; <b>Msg Len(s)</b> Min: 0 Max: 2^16 ; <b>Tag Len(s)</b> Min: 16 Max: 16 ) <b>(KS: 192</b>; Block Size(s): ; <b>Msg Len(s)</b> Min: 0 Max: 2^16 ; <b>Tag Len(s)</b> Min: 16 Max: 16 ) <b>(KS: 256</b>; Block Size(s): ; <b>Msg Len(s)</b> Min: 0 Max: 2^16 ; <b>Tag Len(s)</b> Min: 16 Max: 16 )<br />
 AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2197">Val#2197</a></p>
-<p><strong>GCM(KS: AES_128</strong>( e/d ) Tag Length(s): 128 120 112 104 96 ) <strong>(KS: AES_192</strong>( e/d ) Tag Length(s): 128 120 112 104 96 )<br />
-<strong>(KS: AES_256</strong>( e/d ) Tag Length(s): 128 120 112 104 96 )<br />
-<strong>IV Generated:</strong> ( Externally ) ; <strong>PT Lengths Tested:</strong> ( 0 , 128 , 1024 , 8 , 1016 ) ; <strong>AAD Lengths tested:</strong> ( 0 , 128 , 1024 , 8 , 1016 ) ; <strong>IV Lengths Tested:</strong> ( 8 , 1024 ) ; <strong>96BitIV_Supported<br />
-GMAC_Supported</strong></p></td>
+<p><b>GCM(KS: AES_128</b>( e/d ) Tag Length(s): 128 120 112 104 96 ) <b>(KS: AES_192</b>( e/d ) Tag Length(s): 128 120 112 104 96 )<br />
+<b>(KS: AES_256</b>( e/d ) Tag Length(s): 128 120 112 104 96 )<br />
+<b>IV Generated:</b> ( Externally ) ; <b>PT Lengths Tested:</b> ( 0 , 128 , 1024 , 8 , 1016 ) ; <b>AAD Lengths tested:</b> ( 0 , 128 , 1024 , 8 , 1016 ) ; <b>IV Lengths Tested:</b> ( 8 , 1024 ) ; <b>96BitIV_Supported<br />
+GMAC_Supported</b></p></td>
 <td>Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Cryptography Next Generation (CNG) Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2216">#2216</a></td>
 </tr>
 <tr class="even">
-<td><p><strong>CCM (KS: 256 ) (Assoc. Data Len Range:</strong> 0 - 0 , 2^16 <strong>) (Payload Length Range:</strong> 0 - 32 ( <strong>Nonce Length(s)</strong>: 12 <strong>(Tag Length(s)</strong>: 16 )</p>
+<td><p><b>CCM (KS: 256 ) (Assoc. Data Len Range:</b> 0 - 0 , 2^16 <b>) (Payload Length Range:</b> 0 - 32 ( <b>Nonce Length(s)</b>: 12 <b>(Tag Length(s)</b>: 16 )</p>
 <p>AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2196">Val#2196</a></p></td>
 <td>Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 BitLocker® Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2198">#2198</a></td>
 </tr>
 <tr class="odd">
-<td><p><strong>ECB</strong> ( e/d; 128 , 192 , 256 );</p>
-<p><strong>CBC</strong> ( e/d; 128 , 192 , 256 );</p>
-<p><strong>CFB8</strong> ( e/d; 128 , 192 , 256 );</p>
-<p><strong>CFB128</strong> ( e/d; 128 , 192 , 256 );</p>
-<p><strong>CTR</strong> ( int only; 128 , 192 , 256 )</p></td>
+<td><p><b>ECB</b> ( e/d; 128 , 192 , 256 );</p>
+<p><b>CBC</b> ( e/d; 128 , 192 , 256 );</p>
+<p><b>CFB8</b> ( e/d; 128 , 192 , 256 );</p>
+<p><b>CFB128</b> ( e/d; 128 , 192 , 256 );</p>
+<p><b>CTR</b> ( int only; 128 , 192 , 256 )</p></td>
 <td>Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Next Generation Symmetric Cryptographic Algorithms Implementations (SYMCRYPT) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2197">#2197</a></td>
 </tr>
 <tr class="even">
-<td><p><strong>ECB</strong> ( e/d; 128 , 192 , 256 );</p>
-<p><strong>CBC</strong> ( e/d; 128 , 192 , 256 );</p>
-<p><strong>CFB8</strong> ( e/d; 128 , 192 , 256 );</p>
+<td><p><b>ECB</b> ( e/d; 128 , 192 , 256 );</p>
+<p><b>CBC</b> ( e/d; 128 , 192 , 256 );</p>
+<p><b>CFB8</b> ( e/d; 128 , 192 , 256 );</p>
 <p> </p></td>
 <td>Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Symmetric Algorithm Implementations (RSA32) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2196">#2196</a></td>
 </tr>
 <tr class="odd">
-<td><strong>CCM (KS: 128 , 192 , 256 ) (Assoc. Data Len Range:</strong> 0 – 0 , 2^16 <strong>) (Payload Length Range:</strong> 0 - 32 <strong>( Nonce Length(s):</strong> 7 8 9 10 11 12 13 <strong>(Tag Length(s):</strong> 4 6 8 10 12 14 16 <strong>)</strong><br />
+<td><b>CCM (KS: 128 , 192 , 256 ) (Assoc. Data Len Range:</b> 0 – 0 , 2^16 <b>) (Payload Length Range:</b> 0 - 32 <b>( Nonce Length(s):</b> 7 8 9 10 11 12 13 <b>(Tag Length(s):</b> 4 6 8 10 12 14 16 <b>)</b><br />
 AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1168">Val#1168</a></td>
 <td><p>Windows Server 2008 R2 and SP1 CNG algorithms <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1187">#1187</a></p>
 <p>Windows 7 Ultimate and SP1 CNG algorithms <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1178">#1178</a></p></td>
 </tr>
 <tr class="even">
-<td><strong>CCM (KS: 128 , 256 ) (Assoc. Data Len Range:</strong> 0 - 8 <strong>) (Payload Length Range:</strong> 4 - 32 <strong>( Nonce Length(s):</strong> 7 8 12 13 <strong>(Tag Length(s):</strong> 4 6 8 14 16 <strong>)</strong><br />
+<td><b>CCM (KS: 128 , 256 ) (Assoc. Data Len Range:</b> 0 - 8 <b>) (Payload Length Range:</b> 4 - 32 <b>( Nonce Length(s):</b> 7 8 12 13 <b>(Tag Length(s):</b> 4 6 8 14 16 <b>)</b><br />
 AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1168">Val#1168</a></td>
 <td>Windows 7 Ultimate and SP1 and Windows Server 2008 R2 and SP1 BitLocker Algorithm Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1177">#1177</a></td>
 </tr>
 <tr class="odd">
-<td><p><strong>ECB</strong> ( e/d; 128 , 192 , 256 );</p>
-<p><strong>CBC</strong> ( e/d; 128 , 192 , 256 );</p>
-<p><strong>CFB8</strong> ( e/d; 128 , 192 , 256 );</p>
+<td><p><b>ECB</b> ( e/d; 128 , 192 , 256 );</p>
+<p><b>CBC</b> ( e/d; 128 , 192 , 256 );</p>
+<p><b>CFB8</b> ( e/d; 128 , 192 , 256 );</p>
 <p> </p></td>
 <td>Windows 7 and SP1 and Windows Server 2008 R2 and SP1 Symmetric Algorithm Implementation <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1168">#1168</a></td>
 </tr>
 <tr class="even">
-<td><p><strong>GCM</strong></p>
-<p><strong>GMAC</strong></p></td>
+<td><p><b>GCM</b></p>
+<p><b>GMAC</b></p></td>
 <td>Windows 7 and SP1 and Windows Server 2008 R2 and SP1 Symmetric Algorithm Implementation <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1168">#1168</a> , vendor-affirmed</td>
 </tr>
 <tr class="odd">
-<td><strong>CCM (KS: 128 , 256 ) (Assoc. Data Len Range:</strong> 0 - 8 <strong>) (Payload Length Range:</strong> 4 - 32 <strong>( Nonce Length(s):</strong> 7 8 12 13 <strong>(Tag Length(s):</strong> 4 6 8 14 16 <strong>)</strong></td>
+<td><b>CCM (KS: 128 , 256 ) (Assoc. Data Len Range:</b> 0 - 8 <b>) (Payload Length Range:</b> 4 - 32 <b>( Nonce Length(s):</b> 7 8 12 13 <b>(Tag Length(s):</b> 4 6 8 14 16 <b>)</b></td>
 <td>Windows Vista Ultimate SP1 and Windows Server 2008 BitLocker Algorithm Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#760">#760</a></td>
 </tr>
 <tr class="even">
-<td><strong>CCM (KS: 128 , 192 , 256 ) (Assoc. Data Len Range:</strong> 0 - 0 , 2^16 <strong>) (Payload Length Range:</strong> 1 - 32 <strong>( Nonce Length(s):</strong> 7 8 9 10 11 12 13 <strong>(Tag Length(s):</strong> 4 6 8 10 12 14 16 <strong>)</strong></td>
+<td><b>CCM (KS: 128 , 192 , 256 ) (Assoc. Data Len Range:</b> 0 - 0 , 2^16 <b>) (Payload Length Range:</b> 1 - 32 <b>( Nonce Length(s):</b> 7 8 9 10 11 12 13 <b>(Tag Length(s):</b> 4 6 8 10 12 14 16 <b>)</b></td>
 <td><p>Windows Server 2008 CNG algorithms <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#757">#757</a></p>
 <p>Windows Vista Ultimate SP1 CNG algorithms <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#756">#756</a></p></td>
 </tr>
 <tr class="odd">
-<td><p><strong>CBC</strong> ( e/d; 128 , 256 );</p>
-<p><strong>CCM</strong> (<strong>KS: 128 , 256</strong> ) (<strong>Assoc. Data Len Range</strong>: 0 - 8 ) (<strong>Payload Length Range</strong>: 4 - 32 ( <strong>Nonce Length(s)</strong>: 7 8 12 13 (<strong>Tag Length(s)</strong>: 4 6 8 14 16 )</p></td>
+<td><p><b>CBC</b> ( e/d; 128 , 256 );</p>
+<p><b>CCM</b> (<b>KS: 128 , 256</b> ) (<b>Assoc. Data Len Range</b>: 0 - 8 ) (<b>Payload Length Range</b>: 4 - 32 ( <b>Nonce Length(s)</b>: 7 8 12 13 (<b>Tag Length(s)</b>: 4 6 8 14 16 )</p></td>
 <td><p>Windows Vista Ultimate BitLocker Drive Encryption <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#715">#715</a></p>
 <p>Windows Vista Ultimate BitLocker Drive Encryption <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#424">#424</a></p></td>
 </tr>
 <tr class="even">
-<td><p><strong>ECB</strong> ( e/d; 128 , 192 , 256 );</p>
-<p><strong>CBC</strong> ( e/d; 128 , 192 , 256 );</p>
-<p><strong>CFB8</strong> ( e/d; 128 , 192 , 256 );</p></td>
+<td><p><b>ECB</b> ( e/d; 128 , 192 , 256 );</p>
+<p><b>CBC</b> ( e/d; 128 , 192 , 256 );</p>
+<p><b>CFB8</b> ( e/d; 128 , 192 , 256 );</p></td>
 <td><p>Windows Vista Ultimate SP1 and Windows Server 2008 Symmetric Algorithm Implementation <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#739">#739</a></p>
 <p>Windows Vista Symmetric Algorithm Implementation <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#553">#553</a></p></td>
 </tr>
 <tr class="odd">
-<td><p><strong>ECB</strong> ( e/d; 128 , 192 , 256 );</p>
-<p><strong>CBC</strong> ( e/d; 128 , 192 , 256 );</p>
-<p><strong>CTR</strong> ( int only; 128 , 192 , 256 )</p></td>
+<td><p><b>ECB</b> ( e/d; 128 , 192 , 256 );</p>
+<p><b>CBC</b> ( e/d; 128 , 192 , 256 );</p>
+<p><b>CTR</b> ( int only; 128 , 192 , 256 )</p></td>
 <td>Windows Embedded Compact 7 Cryptographic Primitives Library (bcrypt.dll) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2023">#2023</a></td>
 </tr>
 <tr class="even">
-<td><p><strong>ECB</strong> ( e/d; 128 , 192 , 256 );</p>
-<p><strong>CBC</strong> ( e/d; 128 , 192 , 256 );</p></td>
+<td><p><b>ECB</b> ( e/d; 128 , 192 , 256 );</p>
+<p><b>CBC</b> ( e/d; 128 , 192 , 256 );</p></td>
 <td><p>Windows Embedded Compact 7 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2024">#2024</a></p>
 <p>Windows Server 2003 SP2 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#818">#818</a></p>
 <p>Windows XP Professional SP3 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#781">#781</a></p>
@@ -2865,8 +2865,8 @@ Deterministic Random Bit Generator (DRBG)
 </colgroup>
 <tbody>
 <tr class="odd">
-<td><strong>Modes / States / Key Sizes</strong></td>
-<td><strong>Algorithm Implementation and Certificate #</strong></td>
+<td><b>Modes / States / Key Sizes</b></td>
+<td><b>Algorithm Implementation and Certificate #</b></td>
 </tr>
 <tr class="even">
 <td><ul>
@@ -2934,74 +2934,74 @@ Deterministic Random Bit Generator (DRBG)
 <p>Version 10.0.16299</p></td>
 </tr>
 <tr class="odd">
-<td><strong>CTR_DRBG:</strong> [ Prediction Resistance Tested: Not Enabled; BlockCipher_No_df: ( AES-256 ) ( AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4627">Val#4627</a> ) ]</td>
+<td><b>CTR_DRBG:</b> [ Prediction Resistance Tested: Not Enabled; BlockCipher_No_df: ( AES-256 ) ( AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4627">Val#4627</a> ) ]</td>
 <td><p>Windows 10 Creators Update (version 1703) Pro, Enterprise, Education Virtual TPM Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1556">#1556</a></p>
 <p>Version 10.0.15063</p></td>
 </tr>
 <tr class="even">
-<td><strong>CTR_DRBG:</strong> [ Prediction Resistance Tested: Not Enabled; BlockCipher_Use_df: ( AES-256 ) ( AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4624">Val#4624</a> ) ]</td>
+<td><b>CTR_DRBG:</b> [ Prediction Resistance Tested: Not Enabled; BlockCipher_Use_df: ( AES-256 ) ( AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4624">Val#4624</a> ) ]</td>
 <td><p>Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1555">#1555</a></p>
 <p>Version 10.0.15063</p></td>
 </tr>
 <tr class="odd">
-<td><strong>CTR_DRBG</strong>: [ Prediction Resistance Tested: Not Enabled; BlockCipher_No_df: ( AES-256 ) ( AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4434">Val#4434</a> ) ]</td>
+<td><b>CTR_DRBG</b>: [ Prediction Resistance Tested: Not Enabled; BlockCipher_No_df: ( AES-256 ) ( AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4434">Val#4434</a> ) ]</td>
 <td><p>Windows Embedded Compact Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1433">#1433</a></p>
 <p>Version 7.00.2872</p></td>
 </tr>
 <tr class="even">
-<td><strong>CTR_DRBG</strong>: [ Prediction Resistance Tested: Not Enabled; BlockCipher_No_df: ( AES-256 ) ( AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4433">Val#4433</a> ) ]</td>
+<td><b>CTR_DRBG</b>: [ Prediction Resistance Tested: Not Enabled; BlockCipher_No_df: ( AES-256 ) ( AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4433">Val#4433</a> ) ]</td>
 <td><p>Windows Embedded Compact Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1432">#1432</a></p>
 <p>Version 8.00.6246</p></td>
 </tr>
 <tr class="odd">
-<td><strong>CTR_DRBG</strong>: [ Prediction Resistance Tested: Not Enabled; BlockCipher_No_df: ( AES-256 ) ( AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4431">Val#4431</a> ) ]</td>
+<td><b>CTR_DRBG</b>: [ Prediction Resistance Tested: Not Enabled; BlockCipher_No_df: ( AES-256 ) ( AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4431">Val#4431</a> ) ]</td>
 <td><p>Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1430">#1430</a></p>
 <p>Version 7.00.2872</p></td>
 </tr>
 <tr class="even">
-<td><strong>CTR_DRBG</strong>: [ Prediction Resistance Tested: Not Enabled; BlockCipher_No_df: ( AES-256 ) ( AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4430">Val#4430</a> ) ]</td>
+<td><b>CTR_DRBG</b>: [ Prediction Resistance Tested: Not Enabled; BlockCipher_No_df: ( AES-256 ) ( AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4430">Val#4430</a> ) ]</td>
 <td><p>Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1429">#1429</a></p>
 <p>Version 8.00.6246</p></td>
 </tr>
 <tr class="odd">
-<td><strong>CTR_DRBG:</strong> [ Prediction Resistance Tested: Not Enabled; BlockCipher_No_df: ( AES-256 ) ( AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4074">Val#4074</a> ) ]</td>
+<td><b>CTR_DRBG:</b> [ Prediction Resistance Tested: Not Enabled; BlockCipher_No_df: ( AES-256 ) ( AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4074">Val#4074</a> ) ]</td>
 <td><p>Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4 and Surface Pro 3 w/ Windows 10 Anniversary Update Virtual TPM Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1222">#1222</a></p>
 <p>Version 10.0.14393</p></td>
 </tr>
 <tr class="even">
-<td><strong>CTR_DRBG:</strong> [ Prediction Resistance Tested: Not Enabled; BlockCipher_Use_df: ( AES-256 ) ( AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4064">Val#4064</a> ) ]</td>
+<td><b>CTR_DRBG:</b> [ Prediction Resistance Tested: Not Enabled; BlockCipher_Use_df: ( AES-256 ) ( AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4064">Val#4064</a> ) ]</td>
 <td><p>Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1217">#1217</a></p>
 <p>Version 10.0.14393</p></td>
 </tr>
 <tr class="odd">
-<td><strong>CTR_DRBG:</strong> [ Prediction Resistance Tested: Not Enabled; BlockCipher_Use_df: ( AES-256 ) ( AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3629">Val#3629</a> ) ]</td>
+<td><b>CTR_DRBG:</b> [ Prediction Resistance Tested: Not Enabled; BlockCipher_Use_df: ( AES-256 ) ( AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3629">Val#3629</a> ) ]</td>
 <td><p>Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub and Surface Hub SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#955">#955</a></p>
 <p>Version 10.0.10586</p></td>
 </tr>
 <tr class="even">
-<td><strong>CTR_DRBG:</strong> [ Prediction Resistance Tested: Not Enabled; BlockCipher_Use_df: ( AES-256 ) ( AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3497">Val#3497</a> ) ]</td>
+<td><b>CTR_DRBG:</b> [ Prediction Resistance Tested: Not Enabled; BlockCipher_Use_df: ( AES-256 ) ( AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3497">Val#3497</a> ) ]</td>
 <td><p>Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#868">#868</a></p>
 <p>Version 10.0.10240</p></td>
 </tr>
 <tr class="odd">
-<td><strong>CTR_DRBG:</strong> [ Prediction Resistance Tested: Not Enabled; BlockCipher_Use_df: ( AES-256 ) ( AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2832">Val#2832</a> ) ]</td>
+<td><b>CTR_DRBG:</b> [ Prediction Resistance Tested: Not Enabled; BlockCipher_Use_df: ( AES-256 ) ( AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2832">Val#2832</a> ) ]</td>
 <td><p>Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry and Microsoft StorSimple 8100 SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#489">#489</a></p>
 <p>Version 6.3.9600</p></td>
 </tr>
 <tr class="even">
-<td><strong>CTR_DRBG</strong>: [ Prediction Resistance Tested: Not Enabled; BlockCipher_Use_df: ( AES-256 ) ( AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2197">Val#2197</a> ) ]</td>
+<td><b>CTR_DRBG</b>: [ Prediction Resistance Tested: Not Enabled; BlockCipher_Use_df: ( AES-256 ) ( AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2197">Val#2197</a> ) ]</td>
 <td>Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Next Generation Symmetric Cryptographic Algorithms Implementations (SYMCRYPT) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#258">#258</a></td>
 </tr>
 <tr class="odd">
-<td><strong>CTR_DRBG</strong>: [ Prediction Resistance Tested: Not Enabled; BlockCipher_No_df: ( AES-256 ) ( AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2023">Val#2023</a> ) ]</td>
+<td><b>CTR_DRBG</b>: [ Prediction Resistance Tested: Not Enabled; BlockCipher_No_df: ( AES-256 ) ( AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#2023">Val#2023</a> ) ]</td>
 <td>Windows Embedded Compact 7 Cryptographic Primitives Library (bcrypt.dll) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#193">#193</a></td>
 </tr>
 <tr class="even">
-<td><strong>CTR_DRBG</strong>: [ Prediction Resistance Tested: Not Enabled; BlockCipher_No_df: ( AES-256 ) ( AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1168">Val#1168</a> ) ]</td>
+<td><b>CTR_DRBG</b>: [ Prediction Resistance Tested: Not Enabled; BlockCipher_No_df: ( AES-256 ) ( AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#1168">Val#1168</a> ) ]</td>
 <td>Windows 7 Ultimate and SP1 and Windows Server 2008 R2 and SP1 RNG Library <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#23">#23</a></td>
 </tr>
 <tr class="odd">
-<td><strong>DRBG</strong> (SP 800–90)</td>
+<td><b>DRBG</b> (SP 800–90)</td>
 <td>Windows Vista Ultimate SP1, vendor-affirmed</td>
 </tr>
 </tbody>
@@ -3017,8 +3017,8 @@ Deterministic Random Bit Generator (DRBG)
 </colgroup>
 <tbody>
 <tr class="odd">
-<td><strong>Modes / States / Key Sizes</strong></td>
-<td><strong>Algorithm Implementation and Certificate #</strong></td>
+<td><b>Modes / States / Key Sizes</b></td>
+<td><b>Algorithm Implementation and Certificate #</b></td>
 </tr>
 <tr class="even">
 <td><ul>
@@ -3137,118 +3137,118 @@ Deterministic Random Bit Generator (DRBG)
 <p>Version 10.0.16299</p></td>
 </tr>
 <tr class="odd">
-<td><p><strong>FIPS186-4:</strong></p>
-<p><strong>PQG(gen)</strong>PARMS TESTED:   [ (2048,256)SHA( 256 ); (3072,256) SHA( 256 ) ]</p>
-<p><strong>PQG(ver)</strong>PARMS TESTED:   [ (2048,256) SHA( 256 ); (3072,256) SHA( 256 ) ]</p>
-<p><strong>KeyPairGen</strong>:   [ (2048,256) ; (3072,256) ]</p>
-<p><strong>SIG(gen)</strong>PARMS TESTED:   [ (2048,256) SHA( 256 ); (3072,256) SHA( 256 ); ]</p>
-<p><strong>SIG(ver)</strong>PARMS TESTED:   [ (2048,256) SHA( 256 ); (3072,256) SHA( 256 ) ]</p>
+<td><p><b>FIPS186-4:</b></p>
+<p><b>PQG(gen)</b>PARMS TESTED:   [ (2048,256)SHA( 256 ); (3072,256) SHA( 256 ) ]</p>
+<p><b>PQG(ver)</b>PARMS TESTED:   [ (2048,256) SHA( 256 ); (3072,256) SHA( 256 ) ]</p>
+<p><b>KeyPairGen</b>:   [ (2048,256) ; (3072,256) ]</p>
+<p><b>SIG(gen)</b>PARMS TESTED:   [ (2048,256) SHA( 256 ); (3072,256) SHA( 256 ); ]</p>
+<p><b>SIG(ver)</b>PARMS TESTED:   [ (2048,256) SHA( 256 ); (3072,256) SHA( 256 ) ]</p>
 <p>SHS: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790">Val#3790</a></p>
 <p>DRBG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1555">Val# 1555</a></p></td>
 <td><p>Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#1223">#1223</a></p>
 <p>Version 10.0.15063</p></td>
 </tr>
 <tr class="even">
-<td><strong>FIPS186-4:<br />
-PQG(ver)PARMS TESTED:</strong>   [ (1024,160) SHA( 1 ); ]<br />
-<strong>SIG(ver)PARMS TESTED:</strong>   [ (1024,160) SHA( 1 ); ]<br />
+<td><b>FIPS186-4:<br />
+PQG(ver)PARMS TESTED:</b>   [ (1024,160) SHA( 1 ); ]<br />
+<b>SIG(ver)PARMS TESTED:</b>   [ (1024,160) SHA( 1 ); ]<br />
 SHS: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3649">Val# 3649</a></td>
 <td><p>Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#1188">#1188</a></p>
 <p>Version 7.00.2872</p></td>
 </tr>
 <tr class="odd">
-<td><strong>FIPS186-4:<br />
-PQG(ver)PARMS TESTED:</strong>   [ (1024,160) SHA( 1 ); ]<br />
-<strong>SIG(ver)PARMS TESTED:</strong>   [ (1024,160) SHA( 1 ); ]<br />
+<td><b>FIPS186-4:<br />
+PQG(ver)PARMS TESTED:</b>   [ (1024,160) SHA( 1 ); ]<br />
+<b>SIG(ver)PARMS TESTED:</b>   [ (1024,160) SHA( 1 ); ]<br />
 SHS: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3648">Val#3648</a></td>
 <td><p>Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#1187">#1187</a></p>
 <p>Version 8.00.6246</p></td>
 </tr>
 <tr class="even">
-<td><p><strong>FIPS186-4:<br />
-PQG(gen)</strong>PARMS TESTED: [<br />
+<td><p><b>FIPS186-4:<br />
+PQG(gen)</b>PARMS TESTED: [<br />
 (2048,256)SHA( 256 ); (3072,256) SHA( 256 ) ]<br />
-<strong>PQG(ver)</strong>PARMS TESTED:   [ (2048,256) SHA( 256 ); (3072,256) SHA( 256 ) ]<br />
+<b>PQG(ver)</b>PARMS TESTED:   [ (2048,256) SHA( 256 ); (3072,256) SHA( 256 ) ]<br />
 KeyPairGen:    [ (2048,256) ; (3072,256) ]<br />
-<strong>SIG(gen)</strong>PARMS TESTED:   [ (2048,256)<br />
+<b>SIG(gen)</b>PARMS TESTED:   [ (2048,256)<br />
 SHA( 256 ); (3072,256) SHA( 256 ); ]<br />
-<strong>SIG(ver)</strong>PARMS TESTED:   [ (2048,256) SHA( 256 ); (3072,256) SHA( 256 ) ]</p>
+<b>SIG(ver)</b>PARMS TESTED:   [ (2048,256) SHA( 256 ); (3072,256) SHA( 256 ) ]</p>
 <p>SHS: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347">Val# 3347</a><br />
 DRBG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1217">Val# 1217</a></p></td>
 <td><p>Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update MsBignum Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#1098">#1098</a></p>
 <p>Version 10.0.14393</p></td>
 </tr>
 <tr class="odd">
-<td><p><strong>FIPS186-4:<br />
-PQG(gen)</strong>PARMS TESTED:   [ (2048,256)SHA( 256 ); (3072,256) SHA( 256 ) ] <strong>PQG(ver)</strong>PARMS TESTED:   [ (2048,256) SHA( 256 ); (3072,256) SHA( 256 )]<br />
-KeyPairGen:    [ (2048,256) ; (3072,256) ] <strong>SIG(gen)</strong>PARMS TESTED:   [ (2048,256) SHA( 256 ); (3072,256) SHA( 256 ); ]<br />
-<strong>SIG(ver)</strong>PARMS TESTED:   [ (2048,256) SHA( 256 ); (3072,256) SHA( 256 ) ]</p>
+<td><p><b>FIPS186-4:<br />
+PQG(gen)</b>PARMS TESTED:   [ (2048,256)SHA( 256 ); (3072,256) SHA( 256 ) ] <b>PQG(ver)</b>PARMS TESTED:   [ (2048,256) SHA( 256 ); (3072,256) SHA( 256 )]<br />
+KeyPairGen:    [ (2048,256) ; (3072,256) ] <b>SIG(gen)</b>PARMS TESTED:   [ (2048,256) SHA( 256 ); (3072,256) SHA( 256 ); ]<br />
+<b>SIG(ver)</b>PARMS TESTED:   [ (2048,256) SHA( 256 ); (3072,256) SHA( 256 ) ]</p>
 <p>SHS: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3047">Val# 3047</a><br />
 DRBG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#955">Val# 955</a></p></td>
 <td><p>Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub 84” and Surface Hub 55” MsBignum Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#1024">#1024</a></p>
 <p>Version 10.0.10586</p></td>
 </tr>
 <tr class="even">
-<td><p><strong>FIPS186-4:<br />
-PQG(gen)</strong>PARMS TESTED:   [ (2048,256)SHA( 256 ); (3072,256) SHA( 256 ) ]<br />
-<strong>PQG(ver)</strong>PARMS TESTED:   [ (2048,256) SHA( 256 ); (3072,256) SHA( 256 ) ]<br />
+<td><p><b>FIPS186-4:<br />
+PQG(gen)</b>PARMS TESTED:   [ (2048,256)SHA( 256 ); (3072,256) SHA( 256 ) ]<br />
+<b>PQG(ver)</b>PARMS TESTED:   [ (2048,256) SHA( 256 ); (3072,256) SHA( 256 ) ]<br />
 KeyPairGen:    [ (2048,256) ; (3072,256) ]<br />
-<strong>SIG(gen)</strong>PARMS TESTED:   [ (2048,256) SHA( 256 ); (3072,256) SHA( 256 ); ] <strong>SIG(ver)</strong>PARMS TESTED:   [ (2048,256) SHA( 256 ); (3072,256) SHA( 256 ) ]</p>
+<b>SIG(gen)</b>PARMS TESTED:   [ (2048,256) SHA( 256 ); (3072,256) SHA( 256 ); ] <b>SIG(ver)</b>PARMS TESTED:   [ (2048,256) SHA( 256 ); (3072,256) SHA( 256 ) ]</p>
 <p>SHS: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2886">Val# 2886</a><br />
 DRBG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#868">Val# 868</a></p></td>
 <td><p>Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 MsBignum Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#983">#983</a></p>
 <p>Version 10.0.10240</p></td>
 </tr>
 <tr class="odd">
-<td><p><strong>FIPS186-4:<br />
-PQG(gen)</strong>PARMS TESTED:   [<br />
+<td><p><b>FIPS186-4:<br />
+PQG(gen)</b>PARMS TESTED:   [<br />
 (2048,256)SHA( 256 ); (3072,256) SHA( 256 ) ]<br />
-<strong>PQG(ver</strong>)PARMS TESTED:   [ (2048,256)<br />
+<b>PQG(ver</b>)PARMS TESTED:   [ (2048,256)<br />
 SHA( 256 ); (3072,256) SHA( 256 ) ]<br />
 KeyPairGen:    [ (2048,256) ; (3072,256) ]<br />
-<strong>SIG(gen)</strong>PARMS TESTED:   [ (2048,256) SHA( 256 ); (3072,256) SHA( 256 ); ]<br />
-<strong>SIG(ver)</strong>PARMS TESTED:   [ (2048,256) SHA( 256 ); (3072,256) SHA( 256 ) ]</p>
+<b>SIG(gen)</b>PARMS TESTED:   [ (2048,256) SHA( 256 ); (3072,256) SHA( 256 ); ]<br />
+<b>SIG(ver)</b>PARMS TESTED:   [ (2048,256) SHA( 256 ); (3072,256) SHA( 256 ) ]</p>
 <p>SHS: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2373">Val# 2373</a><br />
 DRBG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#489">Val# 489</a></p></td>
 <td><p>Microsoft Windows 8.1, Microsoft Windows Server 2012 R2, Microsoft Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry and Microsoft StorSimple 8100 MsBignum Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#855">#855</a></p>
 <p>Version 6.3.9600</p></td>
 </tr>
 <tr class="even">
-<td><p><strong>FIPS186</strong>-2:<br />
-<strong>PQG(ver)</strong> MOD(1024);<br />
-<strong>SIG(ver)</strong> MOD(1024);<br />
+<td><p><b>FIPS186</b>-2:<br />
+<b>PQG(ver)</b> MOD(1024);<br />
+<b>SIG(ver)</b> MOD(1024);<br />
 SHS: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903">#1903</a><br />
 DRBG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#258">#258</a></p>
-<p><strong>FIPS186-4:<br />
-PQG(gen)PARMS TESTED</strong>: [ (2048,256)SHA( 256 ); (3072,256) SHA( 256 ) ]<br />
-<strong>PQG(ver)PARMS TESTED</strong>: [ (2048,256) SHA( 256 ); (3072,256) SHA( 256 ) ]<br />
-<strong>SIG(gen)PARMS TESTED</strong>: [ (2048,256) SHA( 256 ); (3072,256) SHA( 256 ); ]<br />
-<strong>SIG(ver)PARMS TESTED</strong>: [ (2048,256) SHA( 256 ); (3072,256) SHA( 256 ) ]<br />
+<p><b>FIPS186-4:<br />
+PQG(gen)PARMS TESTED</b>: [ (2048,256)SHA( 256 ); (3072,256) SHA( 256 ) ]<br />
+<b>PQG(ver)PARMS TESTED</b>: [ (2048,256) SHA( 256 ); (3072,256) SHA( 256 ) ]<br />
+<b>SIG(gen)PARMS TESTED</b>: [ (2048,256) SHA( 256 ); (3072,256) SHA( 256 ); ]<br />
+<b>SIG(ver)PARMS TESTED</b>: [ (2048,256) SHA( 256 ); (3072,256) SHA( 256 ) ]<br />
 SHS: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903">#1903</a><br />
 DRBG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#258">#258</a><br />
 Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/dsahistoricalval.htm#687">Historical DSA List Val#687</a>.</p></td>
 <td>Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Cryptography Next Generation (CNG) Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#687">#687</a></td>
 </tr>
 <tr class="odd">
-<td><strong>FIPS186-2:<br />
-PQG(ver)</strong> MOD(1024);<br />
-<strong>SIG(ver)</strong> MOD(1024);<br />
+<td><b>FIPS186-2:<br />
+PQG(ver)</b> MOD(1024);<br />
+<b>SIG(ver)</b> MOD(1024);<br />
 SHS: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1902">#1902</a><br />
 DRBG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#258">#258</a><br />
 Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/dsahistoricalval.htm#686">Historical DSA List Val#686</a>.</td>
 <td>Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 DSS and Diffie-Hellman Enhanced Cryptographic Provider (DSSENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#686">#686</a></td>
 </tr>
 <tr class="even">
-<td><strong>FIPS186-2:<br />
-SIG(ver)</strong> MOD(1024);<br />
+<td><b>FIPS186-2:<br />
+SIG(ver)</b> MOD(1024);<br />
 SHS: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1773">Val# 1773</a><br />
 DRBG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#193">Val# 193</a><br />
 Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/dsahistoricalval.htm#645">Historical DSA List Val#645</a>.</td>
 <td>Windows Embedded Compact 7 Cryptographic Primitives Library (bcrypt.dll) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#645">#645</a></td>
 </tr>
 <tr class="odd">
-<td><strong>FIPS186-2:<br />
-SIG(ver)</strong> MOD(1024);<br />
+<td><b>FIPS186-2:<br />
+SIG(ver)</b> MOD(1024);<br />
 SHS: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val# 1081</a><br />
 DRBG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#23">Val# 23</a><br />
 Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/dsahistoricalval.htm#391">Historical DSA List Val#391</a>. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/dsahistoricalval.htm#386">Historical DSA List Val#386</a>.</td>
@@ -3256,8 +3256,8 @@ Some of the previously validated components for this validation have been remove
 <p>Windows 7 Ultimate and SP1 CNG algorithms <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#386">#386</a></p></td>
 </tr>
 <tr class="even">
-<td><strong>FIPS186-2:<br />
-SIG(ver)</strong> MOD(1024);<br />
+<td><b>FIPS186-2:<br />
+SIG(ver)</b> MOD(1024);<br />
 SHS: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val# 1081</a><br />
 RNG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rng#649">Val# 649</a><br />
 Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/dsahistoricalval.htm#390">Historical DSA List Val#390</a>. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/dsahistoricalval.htm#385">Historical DSA List Val#385</a>.</td>
@@ -3265,16 +3265,16 @@ Some of the previously validated components for this validation have been remove
 <p>Windows 7 Ultimate and SP1 Enhanced DSS (DSSENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#385">#385</a></p></td>
 </tr>
 <tr class="odd">
-<td><strong>FIPS186-2:<br />
-SIG(ver)</strong> MOD(1024);<br />
+<td><b>FIPS186-2:<br />
+SIG(ver)</b> MOD(1024);<br />
 SHS: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val# 753</a><br />
 Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/dsahistoricalval.htm#284">Historical DSA List Val#284</a>. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/dsahistoricalval.htm#283">Historical DSA List Val#283</a>.</td>
 <td><p>Windows Server 2008 CNG algorithms <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#284">#284</a></p>
 <p>Windows Vista Ultimate SP1 CNG algorithms <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#283">#283</a></p></td>
 </tr>
 <tr class="even">
-<td><strong>FIPS186-2:<br />
-SIG(ver)</strong> MOD(1024);<br />
+<td><b>FIPS186-2:<br />
+SIG(ver)</b> MOD(1024);<br />
 SHS: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val# 753</a><br />
 RNG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rng#435">Val# 435</a><br />
 Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/dsahistoricalval.htm#282">Historical DSA List Val#282</a>. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/dsahistoricalval.htm#281">Historical DSA List Val#281</a>.</td>
@@ -3282,8 +3282,8 @@ Some of the previously validated components for this validation have been remove
 <p>Windows Vista Ultimate SP1 Enhanced DSS (DSSENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#281">#281</a></p></td>
 </tr>
 <tr class="odd">
-<td><strong>FIPS186-2:<br />
-SIG(ver)</strong> MOD(1024);<br />
+<td><b>FIPS186-2:<br />
+SIG(ver)</b> MOD(1024);<br />
 SHS: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val# 618</a><br />
 RNG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rng#321">Val# 321</a><br />
 Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/dsahistoricalval.htm#227">Historical DSA List Val#227</a>. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/dsahistoricalval.htm#226">Historical DSA List Val#226</a>.</td>
@@ -3291,61 +3291,61 @@ Some of the previously validated components for this validation have been remove
 <p>Windows Vista Enhanced DSS (DSSENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#226">#226</a></p></td>
 </tr>
 <tr class="even">
-<td><strong>FIPS186-2:<br />
-SIG(ver)</strong> MOD(1024);<br />
+<td><b>FIPS186-2:<br />
+SIG(ver)</b> MOD(1024);<br />
 SHS: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#784">Val# 784</a><br />
 RNG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rng#448">Val# 448</a><br />
 Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/dsahistoricalval.htm#292">Historical DSA List Val#292</a>.</td>
 <td>Windows XP Professional SP3 Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#292">#292</a></td>
 </tr>
 <tr class="odd">
-<td><strong>FIPS186-2:<br />
-SIG(ver)</strong> MOD(1024);<br />
+<td><b>FIPS186-2:<br />
+SIG(ver)</b> MOD(1024);<br />
 SHS: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#783">Val# 783</a><br />
 RNG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rng#447">Val# 447</a><br />
 Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/dsahistoricalval.htm#291">Historical DSA List Val#291</a>.</td>
 <td>Windows XP Professional SP3 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#291">#291</a></td>
 </tr>
 <tr class="even">
-<td><strong>FIPS186-2:<br />
-PQG(gen)</strong> MOD(1024);<br />
-<strong>PQG(ver)</strong> MOD(1024);<br />
-<strong>KEYGEN(Y)</strong> MOD(1024);<br />
-<strong>SIG(gen)</strong> MOD(1024);<br />
-<strong>SIG(ver)</strong> MOD(1024);<br />
+<td><b>FIPS186-2:<br />
+PQG(gen)</b> MOD(1024);<br />
+<b>PQG(ver)</b> MOD(1024);<br />
+<b>KEYGEN(Y)</b> MOD(1024);<br />
+<b>SIG(gen)</b> MOD(1024);<br />
+<b>SIG(ver)</b> MOD(1024);<br />
 SHS: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#611">Val# 611</a><br />
 RNG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rng#314">Val# 314</a></td>
 <td>Windows 2003 SP2 Enhanced DSS and Diffie-Hellman Cryptographic Provider <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#221">#221</a></td>
 </tr>
 <tr class="odd">
-<td><strong>FIPS186-2:<br />
-PQG(gen)</strong> MOD(1024);<br />
-<strong>PQG(ver)</strong> MOD(1024);<br />
-<strong>KEYGEN(Y)</strong> MOD(1024);<br />
-<strong>SIG(gen)</strong> MOD(1024);<br />
-<strong>SIG(ver)</strong> MOD(1024);<br />
+<td><b>FIPS186-2:<br />
+PQG(gen)</b> MOD(1024);<br />
+<b>PQG(ver)</b> MOD(1024);<br />
+<b>KEYGEN(Y)</b> MOD(1024);<br />
+<b>SIG(gen)</b> MOD(1024);<br />
+<b>SIG(ver)</b> MOD(1024);<br />
 SHS: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#385">Val# 385</a></td>
 <td>Windows Server 2003 SP1 Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#146">#146</a></td>
 </tr>
 <tr class="even">
-<td><strong>FIPS186-2:<br />
-PQG(ver)</strong> MOD(1024);<br />
-<strong>KEYGEN(Y)</strong> MOD(1024);<br />
-<strong>SIG(gen)</strong> MOD(1024);<br />
-<strong>SIG(ver)</strong> MOD(1024);<br />
+<td><b>FIPS186-2:<br />
+PQG(ver)</b> MOD(1024);<br />
+<b>KEYGEN(Y)</b> MOD(1024);<br />
+<b>SIG(gen)</b> MOD(1024);<br />
+<b>SIG(ver)</b> MOD(1024);<br />
 SHS: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#181">Val# 181</a><br />
 <br />
 </td>
 <td>Windows Server 2003 Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#95">#95</a></td>
 </tr>
 <tr class="odd">
-<td><strong>FIPS186-2:<br />
-PQG(gen)</strong> MOD(1024);<br />
-<strong>PQG(ver)</strong> MOD(1024);<br />
-<strong>KEYGEN(Y)</strong> MOD(1024);<br />
-<strong>SIG(gen)</strong> MOD(1024);<br />
+<td><b>FIPS186-2:<br />
+PQG(gen)</b> MOD(1024);<br />
+<b>PQG(ver)</b> MOD(1024);<br />
+<b>KEYGEN(Y)</b> MOD(1024);<br />
+<b>SIG(gen)</b> MOD(1024);<br />
 SHS: SHA-1 (BYTE)<br />
-<strong>SIG(ver)</strong> MOD(1024);<br />
+<b>SIG(ver)</b> MOD(1024);<br />
 SHS: SHA-1 (BYTE)</td>
 <td><p>Windows 2000 DSSENH.DLL <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#29">#29</a></p>
 <p>Windows 2000 DSSBASE.DLL <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#28">#28</a></p>
@@ -3353,12 +3353,12 @@ SHS: SHA-1 (BYTE)</td>
 <p>Windows NT 4 SP6 DSSBASE.DLL <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#25">#25</a></p></td>
 </tr>
 <tr class="even">
-<td><p><strong>FIPS186-2: PRIME;<br />
-FIPS186-2:</strong></p>
-<p><strong>KEYGEN(Y):</strong><br />
+<td><p><b>FIPS186-2: PRIME;<br />
+FIPS186-2:</b></p>
+<p><b>KEYGEN(Y):</b><br />
 SHS: SHA-1 (BYTE)</p>
-<p><strong>SIG(gen):<br />
-SIG(ver)</strong> MOD(1024);<br />
+<p><b>SIG(gen):<br />
+SIG(ver)</b> MOD(1024);<br />
 SHS: SHA-1 (BYTE)</p></td>
 <td>Windows NT 4.0 SP4 Microsoft Enhanced DSS and Diffie-Hellman Cryptographic Provider <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#17">#17</a></td>
 </tr>
@@ -3375,8 +3375,8 @@ SHS: SHA-1 (BYTE)</p></td>
 </colgroup>
 <tbody>
 <tr class="odd">
-<td><strong>Modes / States / Key Sizes</strong></td>
-<td><strong>Algorithm Implementation and Certificate #</strong></td>
+<td><b>Modes / States / Key Sizes</b></td>
+<td><b>Algorithm Implementation and Certificate #</b></td>
 </tr>
 <tr class="even">
 <td><ul>
@@ -3653,93 +3653,93 @@ SHS: SHA-1 (BYTE)</p></td>
 <p>Version 10.0.16299</p></td>
 </tr>
 <tr class="odd">
-<td><strong>FIPS186-4:<br />
-PKG: CURVES</strong>( P-256 P-384 TestingCandidates )<br />
+<td><b>FIPS186-4:<br />
+PKG: CURVES</b>( P-256 P-384 TestingCandidates )<br />
 SHS: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790">Val#3790</a><br />
 DRBG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1555">Val# 1555</a></td>
 <td><p>Windows 10 Creators Update (version 1703) Pro, Enterprise, Education Virtual TPM Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#1136">#1136</a></p>
 <p>Version 10.0.15063</p></td>
 </tr>
 <tr class="even">
-<td><strong>FIPS186-4:<br />
-PKG: CURVES</strong>( P-256 P-384 P-521 ExtraRandomBits )<br />
-<strong>PKV: CURVES</strong>( P-256 P-384 P-521 )<br />
-<strong>SigGen: CURVES</strong>( P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512)<br />
-<strong>SigVer: CURVES</strong>( P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512) )<br />
+<td><b>FIPS186-4:<br />
+PKG: CURVES</b>( P-256 P-384 P-521 ExtraRandomBits )<br />
+<b>PKV: CURVES</b>( P-256 P-384 P-521 )<br />
+<b>SigGen: CURVES</b>( P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512)<br />
+<b>SigVer: CURVES</b>( P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512) )<br />
 SHS: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790">Val#3790</a><br />
 DRBG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1555">Val# 1555</a></td>
 <td><p>Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile MsBignum Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#1135">#1135</a></p>
 <p>Version 10.0.15063</p></td>
 </tr>
 <tr class="odd">
-<td><strong>FIPS186-4:<br />
-PKG: CURVES</strong>( P-256 P-384 P-521 ExtraRandomBits )<br />
-<strong>PKV: CURVES</strong>( P-256 P-384 P-521 )<br />
-<strong>SigGen: CURVES</strong>( P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512)<br />
-<strong>SigVer: CURVES</strong>( P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512) )<br />
+<td><b>FIPS186-4:<br />
+PKG: CURVES</b>( P-256 P-384 P-521 ExtraRandomBits )<br />
+<b>PKV: CURVES</b>( P-256 P-384 P-521 )<br />
+<b>SigGen: CURVES</b>( P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512)<br />
+<b>SigVer: CURVES</b>( P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512) )<br />
 SHS: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790">Val#3790</a><br />
 DRBG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1555">Val# 1555</a></td>
 <td><p>Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#1133">#1133</a></p>
 <p>Version 10.0.15063</p></td>
 </tr>
 <tr class="even">
-<td><strong>FIPS186-4:<br />
-PKG: CURVES</strong>( P-256 P-384 P-521 ExtraRandomBits )<br />
-<strong>PKV: CURVES</strong>( P-256 P-384 P-521 )<br />
-<strong>SigGen: CURVES</strong>( P-256: (SHA-1, 256) P-384: (SHA-1, 384) P-521: (SHA-1, 512) <em>SIG(gen) with SHA-1 affirmed for use with protocols only.</em><br />
-<strong>SigVer: CURVES</strong>( P-256: (SHA-1, 256) P-384: (SHA-1, 384) P-521: (SHA-1, 512) )<br />
-<strong>SHS:</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3649">Val# 3649</a><br />
-<strong>DRBG:</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1430">Val# 1430</a></td>
+<td><b>FIPS186-4:<br />
+PKG: CURVES</b>( P-256 P-384 P-521 ExtraRandomBits )<br />
+<b>PKV: CURVES</b>( P-256 P-384 P-521 )<br />
+<b>SigGen: CURVES</b>( P-256: (SHA-1, 256) P-384: (SHA-1, 384) P-521: (SHA-1, 512) <em>SIG(gen) with SHA-1 affirmed for use with protocols only.</em><br />
+<b>SigVer: CURVES</b>( P-256: (SHA-1, 256) P-384: (SHA-1, 384) P-521: (SHA-1, 512) )<br />
+<b>SHS:</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3649">Val# 3649</a><br />
+<b>DRBG:</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1430">Val# 1430</a></td>
 <td><p>Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#1073">#1073</a></p>
 <p>Version 7.00.2872</p></td>
 </tr>
 <tr class="odd">
-<td><strong>FIPS186-4:<br />
-PKG: CURVES</strong>( P-256 P-384 P-521 ExtraRandomBits )<br />
-<strong>PKV: CURVES</strong>( P-256 P-384 P-521 )<br />
-<strong>SigGen: CURVES</strong>( P-256: (SHA-1, 256) P-384: (SHA-1, 384) P-521: (SHA-1, 512) <em>SIG(gen) with SHA-1 affirmed for use with protocols only.</em><br />
-<strong>SigVer: CURVES</strong>( P-256: (SHA-1, 256) P-384: (SHA-1, 384) P-521: (SHA-1, 512) )<br />
-<strong>SHS:</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3648">Val#3648</a><br />
-<strong>DRBG:</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1429">Val# 1429</a></td>
+<td><b>FIPS186-4:<br />
+PKG: CURVES</b>( P-256 P-384 P-521 ExtraRandomBits )<br />
+<b>PKV: CURVES</b>( P-256 P-384 P-521 )<br />
+<b>SigGen: CURVES</b>( P-256: (SHA-1, 256) P-384: (SHA-1, 384) P-521: (SHA-1, 512) <em>SIG(gen) with SHA-1 affirmed for use with protocols only.</em><br />
+<b>SigVer: CURVES</b>( P-256: (SHA-1, 256) P-384: (SHA-1, 384) P-521: (SHA-1, 512) )<br />
+<b>SHS:</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3648">Val#3648</a><br />
+<b>DRBG:</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1429">Val# 1429</a></td>
 <td><p>Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#1072">#1072</a></p>
 <p>Version 8.00.6246</p></td>
 </tr>
 <tr class="even">
-<td><p><strong>FIPS186-4:<br />
-PKG: CURVES</strong>( P-256 P-384 TestingCandidates )<br />
-<strong>PKV: CURVES</strong>( P-256 P-384 )<br />
-<strong>SigGen: CURVES</strong>( P-256: (SHA-1, 256) P-384: (SHA-1, 256, 384) SIG(gen) with SHA-1 affirmed for use with protocols only.<br />
-<strong>SigVer: CURVES</strong>( P-256: (SHA-1, 256) P-384: (SHA-1, 256, 384) )</p>
+<td><p><b>FIPS186-4:<br />
+PKG: CURVES</b>( P-256 P-384 TestingCandidates )<br />
+<b>PKV: CURVES</b>( P-256 P-384 )<br />
+<b>SigGen: CURVES</b>( P-256: (SHA-1, 256) P-384: (SHA-1, 256, 384) SIG(gen) with SHA-1 affirmed for use with protocols only.<br />
+<b>SigVer: CURVES</b>( P-256: (SHA-1, 256) P-384: (SHA-1, 256, 384) )</p>
 <p>SHS: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347">Val# 3347</a><br />
 DRBG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1222">Val# 1222</a></p></td>
 <td><p>Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4 and Surface Pro 3 w/ Windows 10 Anniversary Update Virtual TPM Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#920">#920</a></p>
 <p>Version 10.0.14393</p></td>
 </tr>
 <tr class="odd">
-<td><p><strong>FIPS186-4:<br />
-PKG: CURVES</strong>( P-256 P-384 P-521 ExtraRandomBits )<br />
-<strong>PKV: CURVES</strong>( P-256 P-384 P-521 )<br />
-<strong>SigGen: CURVES</strong>( P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512)<br />
-<strong>SigVer: CURVES</strong>( P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512) )</p>
+<td><p><b>FIPS186-4:<br />
+PKG: CURVES</b>( P-256 P-384 P-521 ExtraRandomBits )<br />
+<b>PKV: CURVES</b>( P-256 P-384 P-521 )<br />
+<b>SigGen: CURVES</b>( P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512)<br />
+<b>SigVer: CURVES</b>( P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512) )</p>
 <p>SHS: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347">Val# 3347</a><br />
 DRBG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1217">Val# 1217</a></p></td>
 <td><p>Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update MsBignum Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#911">#911</a></p>
 <p>Version 10.0.14393</p></td>
 </tr>
 <tr class="even">
-<td><p><strong>FIPS186-4:<br />
-PKG: CURVES</strong>( P-256 P-384 P-521 ExtraRandomBits )<br />
-<strong>SigGen: CURVES</strong>( P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512)<br />
-<strong>SigVer: CURVES</strong>( P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512) )</p>
+<td><p><b>FIPS186-4:<br />
+PKG: CURVES</b>( P-256 P-384 P-521 ExtraRandomBits )<br />
+<b>SigGen: CURVES</b>( P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512)<br />
+<b>SigVer: CURVES</b>( P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512) )</p>
 <p>SHS: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3047">Val# 3047</a><br />
 DRBG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#955">Val# 955</a></p></td>
 <td><p>Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub 84” and Surface Hub 55” MsBignum Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#760">#760</a></p>
 <p>Version 10.0.10586</p></td>
 </tr>
 <tr class="odd">
-<td><p><strong>FIPS186-4:<br />
-PKG: CURVES</strong>( P-256 P-384 P-521 ExtraRandomBits )<br />
-<strong>SigGen: CURVES</strong>( P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512)<br />
+<td><p><b>FIPS186-4:<br />
+PKG: CURVES</b>( P-256 P-384 P-521 ExtraRandomBits )<br />
+<b>SigGen: CURVES</b>( P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512)<br />
 SigVer: CURVES( P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512) )</p>
 <p>SHS: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2886">Val# 2886</a><br />
 DRBG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#868">Val# 868</a></p></td>
@@ -3747,79 +3747,79 @@ DRBG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation
 <p>Version 10.0.10240</p></td>
 </tr>
 <tr class="even">
-<td><p><strong>FIPS186-4:<br />
-PKG: CURVES</strong>( P-256 P-384 P-521 ExtraRandomBits )<br />
-<strong>SigGen: CURVES</strong>( P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512)<br />
-<strong>SigVer: CURVES</strong>( P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512) )</p>
+<td><p><b>FIPS186-4:<br />
+PKG: CURVES</b>( P-256 P-384 P-521 ExtraRandomBits )<br />
+<b>SigGen: CURVES</b>( P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512)<br />
+<b>SigVer: CURVES</b>( P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512) )</p>
 <p>SHS: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2373">Val#2373</a><br />
 DRBG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#489">Val# 489</a></p></td>
 <td><p>Microsoft Windows 8.1, Microsoft Windows Server 2012 R2, Microsoft Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry and Microsoft StorSimple 8100 MsBignum Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#505">#505</a></p>
 <p>Version 6.3.9600</p></td>
 </tr>
 <tr class="odd">
-<td><p><strong>FIPS186-2:<br />
-PKG: CURVES</strong>( P-256 P-384 P-521 )<br />
-<strong>SHS</strong>: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903">#1903</a><br />
-<strong>DRBG</strong>: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#258">#258</a><br />
-<strong>SIG(ver):CURVES</strong>( P-256 P-384 P-521 )<br />
-<strong>SHS</strong>: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903">#1903</a><br />
-<strong>DRBG</strong>: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#258">#258</a></p>
-<p><strong>FIPS186-4:<br />
-PKG: CURVES</strong>( P-256 P-384 P-521 ExtraRandomBits )<br />
-<strong>SigGen: CURVES</strong>( P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512)<br />
-<strong>SigVer: CURVES</strong>( P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512) )<br />
-<strong>SHS</strong>: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903">#1903</a><br />
-<strong>DRBG</strong>: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#258">#258</a><br />
+<td><p><b>FIPS186-2:<br />
+PKG: CURVES</b>( P-256 P-384 P-521 )<br />
+<b>SHS</b>: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903">#1903</a><br />
+<b>DRBG</b>: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#258">#258</a><br />
+<b>SIG(ver):CURVES</b>( P-256 P-384 P-521 )<br />
+<b>SHS</b>: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903">#1903</a><br />
+<b>DRBG</b>: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#258">#258</a></p>
+<p><b>FIPS186-4:<br />
+PKG: CURVES</b>( P-256 P-384 P-521 ExtraRandomBits )<br />
+<b>SigGen: CURVES</b>( P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512)<br />
+<b>SigVer: CURVES</b>( P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512) )<br />
+<b>SHS</b>: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903">#1903</a><br />
+<b>DRBG</b>: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#258">#258</a><br />
 Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/ecdsahistoricalval.html#341">Historical ECDSA List Val#341</a>.</p></td>
 <td>Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Cryptography Next Generation (CNG) Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#341">#341</a></td>
 </tr>
 <tr class="even">
-<td><p><strong>FIPS186-2:<br />
-PKG: CURVES</strong>( P-256 P-384 P-521 )<br />
-<strong>SHS</strong>: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1773">Val#1773</a><br />
-<strong>DRBG</strong>: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#193">Val# 193</a><br />
-<strong>SIG(ver): CURVES</strong>( P-256 P-384 P-521 )<br />
-<strong>SHS</strong>: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1773">Val#1773</a><br />
-<strong>DRBG</strong>: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#193">Val# 193</a></p>
-<p><strong>FIPS186-4:<br />
-PKG: CURVES</strong>( P-256 P-384 P-521 ExtraRandomBits )<br />
-<strong>SigGen: CURVES</strong>( P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512)<br />
-<strong>SigVer: CURVES</strong>( P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512) )<br />
-<strong>SHS</strong>: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1773">Val#1773</a><br />
-<strong>DRBG</strong>: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#193">Val# 193</a><br />
+<td><p><b>FIPS186-2:<br />
+PKG: CURVES</b>( P-256 P-384 P-521 )<br />
+<b>SHS</b>: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1773">Val#1773</a><br />
+<b>DRBG</b>: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#193">Val# 193</a><br />
+<b>SIG(ver): CURVES</b>( P-256 P-384 P-521 )<br />
+<b>SHS</b>: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1773">Val#1773</a><br />
+<b>DRBG</b>: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#193">Val# 193</a></p>
+<p><b>FIPS186-4:<br />
+PKG: CURVES</b>( P-256 P-384 P-521 ExtraRandomBits )<br />
+<b>SigGen: CURVES</b>( P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512)<br />
+<b>SigVer: CURVES</b>( P-256: (SHA-256) P-384: (SHA-384) P-521: (SHA-512) )<br />
+<b>SHS</b>: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1773">Val#1773</a><br />
+<b>DRBG</b>: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#193">Val# 193</a><br />
 Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/ecdsahistoricalval.html#295">Historical ECDSA List Val#295</a>.</p></td>
 <td>Windows Embedded Compact 7 Cryptographic Primitives Library (bcrypt.dll) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#295">#295</a></td>
 </tr>
 <tr class="odd">
-<td><strong>FIPS186-2:<br />
-PKG: CURVES</strong>( P-256 P-384 P-521 )<br />
-<strong>SHS</strong>: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a><br />
-<strong>DRBG</strong>: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#23">Val# 23</a><br />
-<strong>SIG(ver): CURVES</strong>( P-256 P-384 P-521 )<br />
-<strong>SHS</strong>: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a><br />
-<strong>DRBG</strong>: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#23">Val# 23</a><br />
+<td><b>FIPS186-2:<br />
+PKG: CURVES</b>( P-256 P-384 P-521 )<br />
+<b>SHS</b>: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a><br />
+<b>DRBG</b>: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#23">Val# 23</a><br />
+<b>SIG(ver): CURVES</b>( P-256 P-384 P-521 )<br />
+<b>SHS</b>: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a><br />
+<b>DRBG</b>: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#23">Val# 23</a><br />
 Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/ecdsahistoricalval.html#142">Historical ECDSA List Val#142</a>. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/ecdsahistoricalval.html#141">Historical ECDSA List Val#141</a>.</td>
 <td><p>Windows Server 2008 R2 and SP1 CNG algorithms <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#142">#142</a></p>
 <p>Windows 7 Ultimate and SP1 CNG algorithms <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#141">#141</a></p></td>
 </tr>
 <tr class="even">
-<td><strong>FIPS186-2:<br />
-PKG: CURVES</strong>( P-256 P-384 P-521 )<br />
-<strong>SHS</strong>: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a><br />
-<strong>SIG(ver): CURVES</strong>( P-256 P-384 P-521 )<br />
-<strong>SHS</strong>: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a><br />
+<td><b>FIPS186-2:<br />
+PKG: CURVES</b>( P-256 P-384 P-521 )<br />
+<b>SHS</b>: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a><br />
+<b>SIG(ver): CURVES</b>( P-256 P-384 P-521 )<br />
+<b>SHS</b>: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a><br />
 Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/ecdsahistoricalval.html#83">Historical ECDSA List Val#83</a>. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/ecdsahistoricalval.html#82">Historical ECDSA List Val#82</a>.</td>
 <td><p>Windows Server 2008 CNG algorithms <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#83">#83</a></p>
 <p>Windows Vista Ultimate SP1 CNG algorithms <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#82">#82</a></p></td>
 </tr>
 <tr class="odd">
-<td><strong>FIPS186-2:<br />
-PKG: CURVES</strong>( P-256 P-384 P-521 )<br />
-<strong>SHS</strong>: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a><br />
-<strong>RNG</strong>: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val# 321</a><br />
-<strong>SIG(ver): CURVES</strong>( P-256 P-384 P-521 )<br />
-<strong>SHS</strong>: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a><br />
-<strong>RNG</strong>: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rng#321">Val# 321</a><br />
+<td><b>FIPS186-2:<br />
+PKG: CURVES</b>( P-256 P-384 P-521 )<br />
+<b>SHS</b>: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a><br />
+<b>RNG</b>: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val# 321</a><br />
+<b>SIG(ver): CURVES</b>( P-256 P-384 P-521 )<br />
+<b>SHS</b>: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a><br />
+<b>RNG</b>: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rng#321">Val# 321</a><br />
 Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/ecdsahistoricalval.html#60">Historical ECDSA List Val#60</a>.</td>
 <td>Windows Vista CNG algorithms <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#60">#60</a></td>
 </tr>
@@ -3836,8 +3836,8 @@ Some of the previously validated components for this validation have been remove
 </colgroup>
 <tbody>
 <tr class="odd">
-<td><strong>Modes / States / Key Sizes</strong></td>
-<td><strong>Algorithm Implementation and Certificate #</strong></td>
+<td><b>Modes / States / Key Sizes</b></td>
+<td><b>Algorithm Implementation and Certificate #</b></td>
 </tr>
 <tr class="even">
 <td><ul>
@@ -3983,265 +3983,265 @@ Some of the previously validated components for this validation have been remove
 <p>Version 10.0.16299</p></td>
 </tr>
 <tr class="odd">
-<td><p><strong>HMAC-SHA1 (Key Sizes Ranges Tested:</strong> KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790">Val#3790</a></p>
-<p><strong>HMAC-SHA256 ( Key Size Ranges Tested:</strong> KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790">Val#3790</a></p>
-<p><strong>HMAC-SHA384 ( Key Size Ranges Tested:</strong> KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790">Val#3790</a></p></td>
+<td><p><b>HMAC-SHA1 (Key Sizes Ranges Tested:</b> KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790">Val#3790</a></p>
+<p><b>HMAC-SHA256 ( Key Size Ranges Tested:</b> KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790">Val#3790</a></p>
+<p><b>HMAC-SHA384 ( Key Size Ranges Tested:</b> KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790">Val#3790</a></p></td>
 <td><p>Windows 10 Creators Update (version 1703) Pro, Enterprise, Education Virtual TPM Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#3062">#3062</a></p>
 <p>Version 10.0.15063</p></td>
 </tr>
 <tr class="even">
-<td><p><strong>HMAC-SHA1(Key Sizes Ranges Tested:</strong> KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790">Val#3790</a></p>
-<p><strong>HMAC-SHA256 ( Key Size Ranges Tested:</strong> KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790">Val#3790</a></p>
-<p><strong>HMAC-SHA384 ( Key Size Ranges Tested:</strong> KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790">Val#3790</a></p>
-<p><strong>HMAC-SHA512 ( Key Size Ranges Tested:</strong> KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790">Val#3790</a></p></td>
+<td><p><b>HMAC-SHA1(Key Sizes Ranges Tested:</b> KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790">Val#3790</a></p>
+<p><b>HMAC-SHA256 ( Key Size Ranges Tested:</b> KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790">Val#3790</a></p>
+<p><b>HMAC-SHA384 ( Key Size Ranges Tested:</b> KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790">Val#3790</a></p>
+<p><b>HMAC-SHA512 ( Key Size Ranges Tested:</b> KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790">Val#3790</a></p></td>
 <td><p>Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#3061">#3061</a></p>
 <p>Version 10.0.15063</p></td>
 </tr>
 <tr class="odd">
-<td><p><strong>HMAC-SHA1 (Key Sizes Ranges Tested:</strong> KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3652">Val#3652</a></p>
-<p><strong>HMAC-SHA256 ( Key Size Ranges Tested:</strong> KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3652">Val#3652</a></p>
-<p><strong>HMAC-SHA384 ( Key Size Ranges Tested:</strong> KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3652">Val#3652</a></p>
-<p><strong>HMAC-SHA512 ( Key Size Ranges Tested:</strong> KSBS ) SHS<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3652">Val#3652</a></p></td>
+<td><p><b>HMAC-SHA1 (Key Sizes Ranges Tested:</b> KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3652">Val#3652</a></p>
+<p><b>HMAC-SHA256 ( Key Size Ranges Tested:</b> KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3652">Val#3652</a></p>
+<p><b>HMAC-SHA384 ( Key Size Ranges Tested:</b> KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3652">Val#3652</a></p>
+<p><b>HMAC-SHA512 ( Key Size Ranges Tested:</b> KSBS ) SHS<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3652">Val#3652</a></p></td>
 <td><p>Windows Embedded Compact Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2946">#2946</a></p>
 <p>Version 7.00.2872</p></td>
 </tr>
 <tr class="even">
-<td><p><strong>HMAC-SHA1 (Key Sizes Ranges Tested:</strong> KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3651">Val#3651</a></p>
-<p><strong>HMAC-SHA256 ( Key Size Ranges Tested:</strong> KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3651">Val#3651</a></p>
-<p><strong>HMAC-SHA384 ( Key Size Ranges Tested:</strong> KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3651">Val#3651</a></p>
-<p><strong>HMAC-SHA512 ( Key Size Ranges Tested:</strong> KSBS ) SHS<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3651">Val#3651</a></p></td>
+<td><p><b>HMAC-SHA1 (Key Sizes Ranges Tested:</b> KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3651">Val#3651</a></p>
+<p><b>HMAC-SHA256 ( Key Size Ranges Tested:</b> KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3651">Val#3651</a></p>
+<p><b>HMAC-SHA384 ( Key Size Ranges Tested:</b> KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3651">Val#3651</a></p>
+<p><b>HMAC-SHA512 ( Key Size Ranges Tested:</b> KSBS ) SHS<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3651">Val#3651</a></p></td>
 <td><p>Windows Embedded Compact Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2945">#2945</a></p>
 <p>Version 8.00.6246</p></td>
 </tr>
 <tr class="odd">
-<td><p><strong>HMAC-SHA1 (Key Sizes Ranges Tested:</strong> KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3649">Val# 3649</a></p>
-<p><strong>HMAC-SHA256 ( Key Size Ranges Tested:</strong> KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3649">Val# 3649</a></p>
-<p><strong>HMAC-SHA384 ( Key Size Ranges Tested:</strong> KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3649">Val# 3649</a></p>
-<p><strong>HMAC-SHA512 ( Key Size Ranges Tested:</strong> KSBS ) SHS<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3649">Val# 3649</a></p></td>
+<td><p><b>HMAC-SHA1 (Key Sizes Ranges Tested:</b> KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3649">Val# 3649</a></p>
+<p><b>HMAC-SHA256 ( Key Size Ranges Tested:</b> KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3649">Val# 3649</a></p>
+<p><b>HMAC-SHA384 ( Key Size Ranges Tested:</b> KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3649">Val# 3649</a></p>
+<p><b>HMAC-SHA512 ( Key Size Ranges Tested:</b> KSBS ) SHS<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3649">Val# 3649</a></p></td>
 <td><p>Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2943">#2943</a></p>
 <p>Version 7.00.2872</p></td>
 </tr>
 <tr class="even">
-<td><p><strong>HMAC-SHA1 (Key Sizes Ranges Tested:</strong> KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3648">Val#3648</a></p>
-<p><strong>HMAC-SHA256 ( Key Size Ranges Tested:</strong> KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3648">Val#3648</a></p>
-<p><strong>HMAC-SHA384 ( Key Size Ranges Tested:</strong> KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3648">Val#3648</a></p>
-<p><strong>HMAC-SHA512 ( Key Size Ranges Tested:</strong> KSBS ) SHS<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3648">Val#3648</a></p></td>
+<td><p><b>HMAC-SHA1 (Key Sizes Ranges Tested:</b> KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3648">Val#3648</a></p>
+<p><b>HMAC-SHA256 ( Key Size Ranges Tested:</b> KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3648">Val#3648</a></p>
+<p><b>HMAC-SHA384 ( Key Size Ranges Tested:</b> KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3648">Val#3648</a></p>
+<p><b>HMAC-SHA512 ( Key Size Ranges Tested:</b> KSBS ) SHS<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3648">Val#3648</a></p></td>
 <td><p>Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2942">#2942</a></p>
 <p>Version 8.00.6246</p></td>
 </tr>
 <tr class="odd">
-<td><p><strong>HMAC-SHA1</strong> (Key Sizes Ranges Tested:  KSBS )<br />
+<td><p><b>HMAC-SHA1</b> (Key Sizes Ranges Tested:  KSBS )<br />
 SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347">Val# 3347</a></p>
-<p><strong>HMAC-SHA256</strong> ( Key Size Ranges Tested:  KSBS )<br />
+<p><b>HMAC-SHA256</b> ( Key Size Ranges Tested:  KSBS )<br />
 SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347">Val# 3347</a></p>
-<p><strong>HMAC-SHA384</strong> ( Key Size Ranges Tested:  KSBS )<br />
+<p><b>HMAC-SHA384</b> ( Key Size Ranges Tested:  KSBS )<br />
 SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347">Val# 3347</a></p></td>
 <td><p>Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4 and Surface Pro 3 w/ Windows 10 Anniversary Update Virtual TPM Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2661">#2661</a></p>
 <p>Version 10.0.14393</p></td>
 </tr>
 <tr class="even">
-<td><p><strong>HMAC-SHA1</strong> (Key Sizes Ranges Tested: KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347">Val# 3347</a></p>
-<p><strong>HMAC-SHA256</strong> ( Key Size Ranges Tested: KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347">Val# 3347</a></p>
-<p><strong>HMAC-SHA384</strong> ( Key Size Ranges Tested: KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347">Val# 3347</a></p>
-<p><strong>HMAC-SHA512</strong> ( Key Size Ranges Tested: KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347">Val# 3347</a></p></td>
+<td><p><b>HMAC-SHA1</b> (Key Sizes Ranges Tested: KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347">Val# 3347</a></p>
+<p><b>HMAC-SHA256</b> ( Key Size Ranges Tested: KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347">Val# 3347</a></p>
+<p><b>HMAC-SHA384</b> ( Key Size Ranges Tested: KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347">Val# 3347</a></p>
+<p><b>HMAC-SHA512</b> ( Key Size Ranges Tested: KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347">Val# 3347</a></p></td>
 <td><p>Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2651">#2651</a></p>
 <p>Version 10.0.14393</p></td>
 </tr>
 <tr class="odd">
-<td><p><strong>HMAC-SHA1</strong> (Key Sizes Ranges Tested:  KSBS )<br />
+<td><p><b>HMAC-SHA1</b> (Key Sizes Ranges Tested:  KSBS )<br />
 SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3047">Val# 3047</a></p>
-<p><strong>HMAC-SHA256</strong> ( Key Size Ranges Tested:  KSBS )<br />
+<p><b>HMAC-SHA256</b> ( Key Size Ranges Tested:  KSBS )<br />
 SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3047">Val# 3047</a></p>
-<p><strong>HMAC-SHA384</strong> ( Key Size Ranges Tested:  KSBS )<br />
+<p><b>HMAC-SHA384</b> ( Key Size Ranges Tested:  KSBS )<br />
 SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3047">Val# 3047</a></p>
-<p><strong>HMAC-SHA512</strong> ( Key Size Ranges Tested:  KSBS )<br />
+<p><b>HMAC-SHA512</b> ( Key Size Ranges Tested:  KSBS )<br />
 SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3047">Val# 3047</a></p></td>
 <td><p>Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub 84” and Surface Hub 55” SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2381">#2381</a></p>
 <p>Version 10.0.10586</p></td>
 </tr>
 <tr class="even">
-<td><p><strong>HMAC-SHA1</strong> (Key Sizes Ranges Tested:  KSBS )<br />
+<td><p><b>HMAC-SHA1</b> (Key Sizes Ranges Tested:  KSBS )<br />
 SHS<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2886">Val# 2886</a></p>
-<p><strong>HMAC-SHA256</strong> ( Key Size Ranges Tested:  KSBS )<br />
+<p><b>HMAC-SHA256</b> ( Key Size Ranges Tested:  KSBS )<br />
 SHS<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2886">Val# 2886</a></p>
-<p><strong>HMAC-SHA384</strong> ( Key Size Ranges Tested:  KSBS )<br />
+<p><b>HMAC-SHA384</b> ( Key Size Ranges Tested:  KSBS )<br />
 <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2886"> SHSVal# 2886</a></p>
-<p><strong>HMAC-SHA512</strong> ( Key Size Ranges Tested:  KSBS )<br />
+<p><b>HMAC-SHA512</b> ( Key Size Ranges Tested:  KSBS )<br />
 SHS<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2886">Val# 2886</a></p></td>
 <td><p>Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2233">#2233</a></p>
 <p>Version 10.0.10240</p></td>
 </tr>
 <tr class="odd">
-<td><p><strong>HMAC-SHA1</strong> (Key Sizes Ranges Tested:  KSBS )<br />
+<td><p><b>HMAC-SHA1</b> (Key Sizes Ranges Tested:  KSBS )<br />
 SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2373">Val#2373</a></p>
-<p><strong>HMAC-SHA256</strong> ( Key Size Ranges Tested:  KSBS )<br />
+<p><b>HMAC-SHA256</b> ( Key Size Ranges Tested:  KSBS )<br />
 SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2373">Val#2373</a></p>
-<p><strong>HMAC-SHA384</strong> ( Key Size Ranges Tested:  KSBS )<br />
+<p><b>HMAC-SHA384</b> ( Key Size Ranges Tested:  KSBS )<br />
 SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2373">Val#2373</a></p>
-<p><strong>HMAC-SHA512</strong> ( Key Size Ranges Tested:  KSBS )<br />
+<p><b>HMAC-SHA512</b> ( Key Size Ranges Tested:  KSBS )<br />
 SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2373">Val#2373</a></p></td>
 <td><p>Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry and Microsoft StorSimple 8100 SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#1773">#1773</a></p>
 <p>Version 6.3.9600</p></td>
 </tr>
 <tr class="even">
-<td><p><strong>HMAC-SHA1</strong> (Key Sizes Ranges Tested: KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2764">Val#2764</a></p>
-<p><strong>HMAC-SHA256</strong> ( Key Size Ranges Tested: KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2764">Val#2764</a></p>
-<p><strong>HMAC-SHA384</strong> ( Key Size Ranges Tested: KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2764">Val#2764</a></p>
-<p><strong>HMAC-SHA512</strong> ( Key Size Ranges Tested: KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2764">Val#2764</a></p></td>
+<td><p><b>HMAC-SHA1</b> (Key Sizes Ranges Tested: KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2764">Val#2764</a></p>
+<p><b>HMAC-SHA256</b> ( Key Size Ranges Tested: KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2764">Val#2764</a></p>
+<p><b>HMAC-SHA384</b> ( Key Size Ranges Tested: KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2764">Val#2764</a></p>
+<p><b>HMAC-SHA512</b> ( Key Size Ranges Tested: KSBS ) SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2764">Val#2764</a></p></td>
 <td><p>Windows CE and Windows Mobile, and Windows Embedded Handheld Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2122">#2122</a></p>
 <p>Version 5.2.29344</p></td>
 </tr>
 <tr class="odd">
-<td><p><strong>HMAC-SHA1 (Key Sizes Ranges Tested: KS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1902">#1902</a></p>
-<p><strong>HMAC-SHA256 ( Key Size Ranges Tested: KS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1902">#1902</a></p></td>
+<td><p><b>HMAC-SHA1 (Key Sizes Ranges Tested: KS</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1902">#1902</a></p>
+<p><b>HMAC-SHA256 ( Key Size Ranges Tested: KS</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1902">#1902</a></p></td>
 <td>Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 BitLocker® Cryptographic Implementations #<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#1347">1347</a></td>
 </tr>
 <tr class="even">
-<td><p><strong>HMAC-SHA1 (Key Sizes Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1902">#1902</a></p>
-<p><strong>HMAC-SHA256 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1902">#1902</a></p>
-<p><strong>HMAC-SHA384 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1902">#1902</a></p>
-<p><strong>HMAC-SHA512 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1902">#1902</a></p></td>
+<td><p><b>HMAC-SHA1 (Key Sizes Ranges Tested: KSBS ) SHS</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1902">#1902</a></p>
+<p><b>HMAC-SHA256 ( Key Size Ranges Tested: KSBS ) SHS</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1902">#1902</a></p>
+<p><b>HMAC-SHA384 ( Key Size Ranges Tested: KSBS ) SHS</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1902">#1902</a></p>
+<p><b>HMAC-SHA512 ( Key Size Ranges Tested: KSBS ) SHS</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1902">#1902</a></p></td>
 <td>Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Enhanced Cryptographic Provider (RSAENH) #<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#1346">1346</a></td>
 </tr>
 <tr class="odd">
-<td><p><strong>HMAC-SHA1 (Key Sizes Ranges Tested: KSBS )</strong></p>
-<p><strong>SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903">#1903</a></p>
-<p><strong>HMAC-SHA256 ( Key Size Ranges Tested: KSBS )</strong></p>
-<p><strong>SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903">#1903</a></p>
-<p><strong>HMAC-SHA384 ( Key Size Ranges Tested: KSBS )</strong></p>
-<p><strong>SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903">#1903</a></p>
-<p><strong>HMAC-SHA512 ( Key Size Ranges Tested: KSBS )</strong></p>
-<p><strong>SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903">#1903</a></p></td>
+<td><p><b>HMAC-SHA1 (Key Sizes Ranges Tested: KSBS )</b></p>
+<p><b>SHS</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903">#1903</a></p>
+<p><b>HMAC-SHA256 ( Key Size Ranges Tested: KSBS )</b></p>
+<p><b>SHS</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903">#1903</a></p>
+<p><b>HMAC-SHA384 ( Key Size Ranges Tested: KSBS )</b></p>
+<p><b>SHS</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903">#1903</a></p>
+<p><b>HMAC-SHA512 ( Key Size Ranges Tested: KSBS )</b></p>
+<p><b>SHS</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903">#1903</a></p></td>
 <td>Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Next Generation Symmetric Cryptographic Algorithms Implementations (SYMCRYPT) #<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#1345">1345</a></td>
 </tr>
 <tr class="even">
-<td><p><strong>HMAC-SHA1 (Key Sizes Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1773">Val#1773</a></p>
-<p><strong>HMAC-SHA256 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1773">Val#1773</a></p>
-<p><strong>Tinker HMAC-SHA384 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1773">Val#1773</a></p>
-<p><strong>HMAC-SHA512 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1773">Val#1773</a></p></td>
+<td><p><b>HMAC-SHA1 (Key Sizes Ranges Tested: KSBS ) SHS</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1773">Val#1773</a></p>
+<p><b>HMAC-SHA256 ( Key Size Ranges Tested: KSBS ) SHS</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1773">Val#1773</a></p>
+<p><b>Tinker HMAC-SHA384 ( Key Size Ranges Tested: KSBS ) SHS</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1773">Val#1773</a></p>
+<p><b>HMAC-SHA512 ( Key Size Ranges Tested: KSBS ) SHS</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1773">Val#1773</a></p></td>
 <td>Windows Embedded Compact 7 Cryptographic Primitives Library (bcrypt.dll) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#1364">#1364</a></td>
 </tr>
 <tr class="odd">
-<td><p><strong>HMAC-SHA1 (Key Sizes Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1774">Val#1774</a></p>
-<p><strong>HMAC-SHA256 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1774">Val#1774</a></p>
-<p><strong>HMAC-SHA384 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1774">Val#1774</a></p>
-<p><strong>HMAC-SHA512 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1774">Val#1774</a></p></td>
+<td><p><b>HMAC-SHA1 (Key Sizes Ranges Tested: KSBS ) SHS</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1774">Val#1774</a></p>
+<p><b>HMAC-SHA256 ( Key Size Ranges Tested: KSBS ) SHS</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1774">Val#1774</a></p>
+<p><b>HMAC-SHA384 ( Key Size Ranges Tested: KSBS ) SHS</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1774">Val#1774</a></p>
+<p><b>HMAC-SHA512 ( Key Size Ranges Tested: KSBS ) SHS</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1774">Val#1774</a></p></td>
 <td>Windows Embedded Compact 7 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#1227">#1227</a></td>
 </tr>
 <tr class="even">
-<td><p><strong>HMAC-SHA1 (Key Sizes Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a></p>
-<p><strong>HMAC-SHA256 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a></p>
-<p><strong>HMAC-SHA384 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a></p>
-<p><strong>HMAC-SHA512 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a></p></td>
+<td><p><b>HMAC-SHA1 (Key Sizes Ranges Tested: KSBS ) SHS</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a></p>
+<p><b>HMAC-SHA256 ( Key Size Ranges Tested: KSBS ) SHS</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a></p>
+<p><b>HMAC-SHA384 ( Key Size Ranges Tested: KSBS ) SHS</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a></p>
+<p><b>HMAC-SHA512 ( Key Size Ranges Tested: KSBS ) SHS</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a></p></td>
 <td><p>Windows Server 2008 R2 and SP1 CNG algorithms <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#686">#686</a></p>
 <p>Windows 7 and SP1 CNG algorithms <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#677">#677</a></p>
 <p>Windows Server 2008 R2 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#687">#687</a></p>
 <p>Windows 7 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#673">#673</a></p></td>
 </tr>
 <tr class="odd">
-<td><p><strong>HMAC-SHA1(Key Sizes Ranges Tested: KS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a></p>
-<p><strong>HMAC-SHA256 ( Key Size Ranges Tested: KS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a></p></td>
+<td><p><b>HMAC-SHA1(Key Sizes Ranges Tested: KS</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a></p>
+<p><b>HMAC-SHA256 ( Key Size Ranges Tested: KS</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a></p></td>
 <td>Windows 7 and SP1 and Windows Server 2008 R2 and SP1 BitLocker Algorithm Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#675">#675</a></td>
 </tr>
 <tr class="even">
-<td><p><strong>HMAC-SHA1 (Key Sizes Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#816">Val#816</a></p>
-<p><strong>HMAC-SHA256 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#816">Val#816</a></p>
-<p><strong>HMAC-SHA384 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#816">Val#816</a></p>
-<p><strong>HMAC-SHA512 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#816">Val#816</a></p></td>
+<td><p><b>HMAC-SHA1 (Key Sizes Ranges Tested: KSBS ) SHS</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#816">Val#816</a></p>
+<p><b>HMAC-SHA256 ( Key Size Ranges Tested: KSBS ) SHS</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#816">Val#816</a></p>
+<p><b>HMAC-SHA384 ( Key Size Ranges Tested: KSBS ) SHS</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#816">Val#816</a></p>
+<p><b>HMAC-SHA512 ( Key Size Ranges Tested: KSBS ) SHS</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#816">Val#816</a></p></td>
 <td>Windows Server 2003 SP2 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#452">#452</a></td>
 </tr>
 <tr class="odd">
-<td><p><strong>HMAC-SHA1 (Key Sizes Ranges Tested: KS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a></p>
-<p><strong>HMAC-SHA256 ( Key Size Ranges Tested: KS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a></p></td>
+<td><p><b>HMAC-SHA1 (Key Sizes Ranges Tested: KS</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a></p>
+<p><b>HMAC-SHA256 ( Key Size Ranges Tested: KS</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a></p></td>
 <td>Windows Vista Ultimate SP1 and Windows Server 2008 BitLocker Algorithm Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#415">#415</a></td>
 </tr>
 <tr class="even">
-<td><p><strong>HMAC-SHA1 (Key Sizes Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a></p>
-<p><strong>HMAC-SHA256 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a></p>
-<p><strong>HMAC-SHA384 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a></p>
-<p><strong>HMAC-SHA512 ( Key Size Ranges Tested: KSBS )</strong>SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a></p></td>
+<td><p><b>HMAC-SHA1 (Key Sizes Ranges Tested: KSBS ) SHS</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a></p>
+<p><b>HMAC-SHA256 ( Key Size Ranges Tested: KSBS ) SHS</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a></p>
+<p><b>HMAC-SHA384 ( Key Size Ranges Tested: KSBS ) SHS</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a></p>
+<p><b>HMAC-SHA512 ( Key Size Ranges Tested: KSBS )</b>SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a></p></td>
 <td><p>Windows Server 2008 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#408">#408</a></p>
 <p>Windows Vista Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#407">#407</a></p></td>
 </tr>
 <tr class="odd">
-<td><p><strong>HMAC-SHA1 (Key Sizes Ranges Tested: KSBS )SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a></p>
-<p><strong>HMAC-SHA256 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a></p>
-<p><strong>HMAC-SHA384 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a></p>
-<p><strong>HMAC-SHA512 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a></p></td>
+<td><p><b>HMAC-SHA1 (Key Sizes Ranges Tested: KSBS )SHS</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a></p>
+<p><b>HMAC-SHA256 ( Key Size Ranges Tested: KSBS ) SHS</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a></p>
+<p><b>HMAC-SHA384 ( Key Size Ranges Tested: KSBS ) SHS</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a></p>
+<p><b>HMAC-SHA512 ( Key Size Ranges Tested: KSBS ) SHS</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a></p></td>
 <td>Windows Vista Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#297">#297</a></td>
 </tr>
 <tr class="even">
-<td><strong>HMAC-SHA1 (Key Sizes Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#785">Val#785</a></td>
+<td><b>HMAC-SHA1 (Key Sizes Ranges Tested: KSBS ) SHS</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#785">Val#785</a></td>
 <td><p>Windows XP Professional SP3 Kernel Mode Cryptographic Module (fips.sys) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#429">#429</a></p>
 <p>Windows XP, vendor-affirmed</p></td>
 </tr>
 <tr class="odd">
-<td><p><strong>HMAC-SHA1 (Key Sizes Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#783">Val#783</a></p>
-<p><strong>HMAC-SHA256 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#783">Val#783</a></p>
-<p><strong>HMAC-SHA384 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#783">Val#783</a></p>
-<p><strong>HMAC-SHA512 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#783">Val#783</a></p></td>
+<td><p><b>HMAC-SHA1 (Key Sizes Ranges Tested: KSBS ) SHS</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#783">Val#783</a></p>
+<p><b>HMAC-SHA256 ( Key Size Ranges Tested: KSBS ) SHS</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#783">Val#783</a></p>
+<p><b>HMAC-SHA384 ( Key Size Ranges Tested: KSBS ) SHS</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#783">Val#783</a></p>
+<p><b>HMAC-SHA512 ( Key Size Ranges Tested: KSBS ) SHS</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#783">Val#783</a></p></td>
 <td>Windows XP Professional SP3 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#428">#428</a></td>
 </tr>
 <tr class="even">
-<td><p><strong>HMAC-SHA1 (Key Sizes Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#613">Val#613</a></p>
-<p><strong>HMAC-SHA256 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#613">Val#613</a></p>
-<p><strong>HMAC-SHA384 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#613">Val#613</a></p>
-<p><strong>HMAC-SHA512 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#613">Val#613</a></p></td>
+<td><p><b>HMAC-SHA1 (Key Sizes Ranges Tested: KSBS ) SHS</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#613">Val#613</a></p>
+<p><b>HMAC-SHA256 ( Key Size Ranges Tested: KSBS ) SHS</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#613">Val#613</a></p>
+<p><b>HMAC-SHA384 ( Key Size Ranges Tested: KSBS ) SHS</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#613">Val#613</a></p>
+<p><b>HMAC-SHA512 ( Key Size Ranges Tested: KSBS ) SHS</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#613">Val#613</a></p></td>
 <td>Windows Server 2003 SP2 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#289">#289</a></td>
 </tr>
 <tr class="odd">
-<td><strong>HMAC-SHA1 (Key Sizes Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#610">Val#610</a></td>
+<td><b>HMAC-SHA1 (Key Sizes Ranges Tested: KSBS ) SHS</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#610">Val#610</a></td>
 <td>Windows Server 2003 SP2 Kernel Mode Cryptographic Module (fips.sys) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#287">#287</a></td>
 </tr>
 <tr class="even">
-<td><p><strong>HMAC-SHA1 (Key Sizes Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a></p>
-<p><strong>HMAC-SHA256 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a></p>
-<p><strong>HMAC-SHA384 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a></p>
-<p><strong>HMAC-SHA512 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a></p></td>
+<td><p><b>HMAC-SHA1 (Key Sizes Ranges Tested: KSBS ) SHS</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a></p>
+<p><b>HMAC-SHA256 ( Key Size Ranges Tested: KSBS ) SHS</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a></p>
+<p><b>HMAC-SHA384 ( Key Size Ranges Tested: KSBS ) SHS</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a></p>
+<p><b>HMAC-SHA512 ( Key Size Ranges Tested: KSBS ) SHS</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a></p></td>
 <td><p>Windows Server 2008 CNG algorithms <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#413">#413</a></p>
 <p>Windows Vista Ultimate SP1 CNG algorithms <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#412">#412</a></p></td>
 </tr>
 <tr class="odd">
-<td><p><strong>HMAC-SHA1 (Key Sizes Ranges Tested: KS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#737">Val#737</a></p>
-<p><strong>HMAC-SHA256 ( Key Size Ranges Tested: KS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#737">Val#737</a></p></td>
+<td><p><b>HMAC-SHA1 (Key Sizes Ranges Tested: KS</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#737">Val#737</a></p>
+<p><b>HMAC-SHA256 ( Key Size Ranges Tested: KS</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#737">Val#737</a></p></td>
 <td>Windows Vista Ultimate BitLocker Drive Encryption <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#386">#386</a></td>
 </tr>
 <tr class="even">
-<td><p><strong>HMAC-SHA1 ( Key Sizes Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a></p>
-<p><strong>HMAC-SHA256 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a></p>
-<p><strong>HMAC-SHA384 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="http://csrc.nist.gov/groups/stm/cavp/documents/shs/shaval.htm#618">Val#618</a></p>
-<p><strong>HMAC-SHA512 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a></p></td>
+<td><p><b>HMAC-SHA1 ( Key Sizes Ranges Tested: KSBS ) SHS</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a></p>
+<p><b>HMAC-SHA256 ( Key Size Ranges Tested: KSBS ) SHS</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a></p>
+<p><b>HMAC-SHA384 ( Key Size Ranges Tested: KSBS ) SHS</b><a href="http://csrc.nist.gov/groups/stm/cavp/documents/shs/shaval.htm#618">Val#618</a></p>
+<p><b>HMAC-SHA512 ( Key Size Ranges Tested: KSBS ) SHS</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a></p></td>
 <td>Windows Vista CNG algorithms <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#298">#298</a></td>
 </tr>
 <tr class="odd">
-<td><p><strong>HMAC-SHA1 ( Key Sizes Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#589">Val#589</a></p>
-<p><strong>HMAC-SHA256 ( Key Size Ranges Tested: KSBS )SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#589">Val#589</a></p>
-<p><strong>HMAC-SHA384 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#589">Val#589</a></p>
-<p><strong>HMAC-SHA512 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#589">Val#589</a></p></td>
+<td><p><b>HMAC-SHA1 ( Key Sizes Ranges Tested: KSBS ) SHS</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#589">Val#589</a></p>
+<p><b>HMAC-SHA256 ( Key Size Ranges Tested: KSBS )SHS</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#589">Val#589</a></p>
+<p><b>HMAC-SHA384 ( Key Size Ranges Tested: KSBS ) SHS</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#589">Val#589</a></p>
+<p><b>HMAC-SHA512 ( Key Size Ranges Tested: KSBS ) SHS</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#589">Val#589</a></p></td>
 <td>Windows CE 6.0 and Windows CE 6.0 R2 and Windows Mobile Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#267">#267</a></td>
 </tr>
 <tr class="even">
-<td><p><strong>HMAC-SHA1 ( Key Sizes Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#578">Val#578</a></p>
-<p><strong>HMAC-SHA256 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#578">Val#578</a></p>
-<p><strong>HMAC-SHA384 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#578">Val#578</a></p>
-<p><strong>HMAC-SHA512 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#578">Val#578</a></p></td>
+<td><p><b>HMAC-SHA1 ( Key Sizes Ranges Tested: KSBS ) SHS</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#578">Val#578</a></p>
+<p><b>HMAC-SHA256 ( Key Size Ranges Tested: KSBS ) SHS</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#578">Val#578</a></p>
+<p><b>HMAC-SHA384 ( Key Size Ranges Tested: KSBS ) SHS</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#578">Val#578</a></p>
+<p><b>HMAC-SHA512 ( Key Size Ranges Tested: KSBS ) SHS</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#578">Val#578</a></p></td>
 <td>Windows CE and Windows Mobile 6.0 and Windows Mobil 6.5 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#260">#260</a></td>
 </tr>
 <tr class="odd">
-<td><p><strong>HMAC-SHA1 (Key Sizes Ranges Tested: KS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#495">Val#495</a></p>
-<p><strong>HMAC-SHA256 ( Key Size Ranges Tested: KS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#495">Val#495</a></p></td>
+<td><p><b>HMAC-SHA1 (Key Sizes Ranges Tested: KS</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#495">Val#495</a></p>
+<p><b>HMAC-SHA256 ( Key Size Ranges Tested: KS</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#495">Val#495</a></p></td>
 <td>Windows Vista BitLocker Drive Encryption <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#199">#199</a></td>
 </tr>
 <tr class="even">
-<td><strong>HMAC-SHA1 (Key Sizes Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#364">Val#364</a></td>
+<td><b>HMAC-SHA1 (Key Sizes Ranges Tested: KSBS ) SHS</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#364">Val#364</a></td>
 <td><p>Windows Server 2003 SP1 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#99">#99</a></p>
 <p>Windows XP, vendor-affirmed</p></td>
 </tr>
 <tr class="odd">
-<td><p><strong>HMAC-SHA1 (Key Sizes Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#305">Val#305</a></p>
-<p><strong>HMAC-SHA256 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#305">Val#305</a></p>
-<p><strong>HMAC-SHA384 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#305">Val#305</a></p>
-<p><strong>HMAC-SHA512 ( Key Size Ranges Tested: KSBS ) SHS</strong><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#305">Val#305</a></p></td>
+<td><p><b>HMAC-SHA1 (Key Sizes Ranges Tested: KSBS ) SHS</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#305">Val#305</a></p>
+<p><b>HMAC-SHA256 ( Key Size Ranges Tested: KSBS ) SHS</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#305">Val#305</a></p>
+<p><b>HMAC-SHA384 ( Key Size Ranges Tested: KSBS ) SHS</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#305">Val#305</a></p>
+<p><b>HMAC-SHA512 ( Key Size Ranges Tested: KSBS ) SHS</b><a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#305">Val#305</a></p></td>
 <td>Windows CE 5.00 and Windows CE 5.01 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#31">#31</a></td>
 </tr>
 </tbody>
@@ -4257,8 +4257,8 @@ SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-p
 </colgroup>
 <tbody>
 <tr class="odd">
-<td><strong>Modes / States / Key Sizes</strong></td>
-<td><strong>Algorithm Implementation and Certificate #</strong></td>
+<td><b>Modes / States / Key Sizes</b></td>
+<td><b>Algorithm Implementation and Certificate #</b></td>
 </tr>
 <tr class="even">
 <td><ul>
@@ -4782,7 +4782,7 @@ SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-p
 <p>Version 10.0.16299</p></td>
 </tr>
 <tr class="odd">
-<td><p><strong>ECC:</strong> (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration ) <strong>SCHEMES</strong> [ <strong>FullUnified</strong> ( <strong>EC:</strong> P-256   SHA256   HMAC ) ( <strong>ED:</strong> P-384   SHA384   HMAC ) ]</p>
+<td><p><b>ECC:</b> (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration ) <b>SCHEMES</b> [ <b>FullUnified</b> ( <b>EC:</b> P-256   SHA256   HMAC ) ( <b>ED:</b> P-384   SHA384   HMAC ) ]</p>
 <p>SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790">Val#3790</a><br />
 DSA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#1135">Val#1135</a><br />
 DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1556">Val#1556</a></p></td>
@@ -4790,15 +4790,15 @@ DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-
 <p>Version 10.0.15063</p></td>
 </tr>
 <tr class="even">
-<td><p><strong>FFC:</strong> (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Partial Validation ) <strong>SCHEMES</strong> [ <strong>dhEphem</strong> ( KARole(s): Initiator / Responder )<br />
-( <strong>FB:</strong> SHA256 ) ( <strong>FC:</strong> SHA256 ) ]<br />
-[ <strong>dhOneFlow</strong> ( <strong>FB:</strong> SHA256 ) ( <strong>FC:</strong> SHA256 ) ] [ <strong>dhStatic</strong> ( <strong>No_KC</strong> &amp;lt; KARole(s): Initiator / Responder&amp;gt; ) ( <strong>FB:</strong> SHA256 HMAC ) ( <strong>FC:</strong> SHA256   HMAC ) ]<br />
+<td><p><b>FFC:</b> (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Partial Validation ) <b>SCHEMES</b> [ <b>dhEphem</b> ( KARole(s): Initiator / Responder )<br />
+( <b>FB:</b> SHA256 ) ( <b>FC:</b> SHA256 ) ]<br />
+[ <b>dhOneFlow</b> ( <b>FB:</b> SHA256 ) ( <b>FC:</b> SHA256 ) ] [ <b>dhStatic</b> ( <b>No_KC</b> &amp;lt; KARole(s): Initiator / Responder&amp;gt; ) ( <b>FB:</b> SHA256 HMAC ) ( <b>FC:</b> SHA256   HMAC ) ]<br />
 SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790">Val#3790</a><br />
 DSA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#1223">Val#1223</a><br />
 DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1555">Val#1555</a></p>
-<p><strong>ECC:</strong> (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Partial Validation ) <strong>SCHEMES</strong> [ <strong>EphemeralUnified</strong> ( <strong>No_KC</strong> &amp;lt; KARole(s): Initiator / Responder&amp;gt; ) ( <strong>EC:</strong> P-256   SHA256   HMAC ) ( <strong>ED:</strong> P-384   SHA384   HMAC ) ( <strong>EE:</strong> P-521 HMAC (SHA512, HMAC_SHA512) ) ) ]<br />
-[ <strong>OnePassDH</strong> ( <strong>No_KC</strong> &amp;lt; KARole(s): Initiator / Responder&amp;gt; ) ( <strong>EC:</strong> P-256   SHA256   HMAC ) ( <strong>ED:</strong> P-384   SHA384   HMAC ) ( <strong>EE:</strong> P-521   HMAC (SHA512, HMAC_SHA512) ) ]<br />
-[ <strong>StaticUnified</strong> ( <strong>No_KC</strong> &amp;lt; KARole(s): Initiator / Responder&amp;gt; ) ( <strong>EC:</strong> P-256   SHA256   HMAC ) ( <strong>ED:</strong> P-384   SHA384   HMAC ) ( <strong>EE:</strong> P-521   HMAC (SHA512, HMAC_SHA512) ) ]<br />
+<p><b>ECC:</b> (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Partial Validation ) <b>SCHEMES</b> [ <b>EphemeralUnified</b> ( <b>No_KC</b> &amp;lt; KARole(s): Initiator / Responder&amp;gt; ) ( <b>EC:</b> P-256   SHA256   HMAC ) ( <b>ED:</b> P-384   SHA384   HMAC ) ( <b>EE:</b> P-521 HMAC (SHA512, HMAC_SHA512) ) ) ]<br />
+[ <b>OnePassDH</b> ( <b>No_KC</b> &amp;lt; KARole(s): Initiator / Responder&amp;gt; ) ( <b>EC:</b> P-256   SHA256   HMAC ) ( <b>ED:</b> P-384   SHA384   HMAC ) ( <b>EE:</b> P-521   HMAC (SHA512, HMAC_SHA512) ) ]<br />
+[ <b>StaticUnified</b> ( <b>No_KC</b> &amp;lt; KARole(s): Initiator / Responder&amp;gt; ) ( <b>EC:</b> P-256   SHA256   HMAC ) ( <b>ED:</b> P-384   SHA384   HMAC ) ( <b>EE:</b> P-521   HMAC (SHA512, HMAC_SHA512) ) ]<br />
 <br />
 SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790">Val#3790</a><br />
 ECDSA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#1133">Val#1133</a><br />
@@ -4807,29 +4807,29 @@ DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-
 <p>Version 10.0.15063</p></td>
 </tr>
 <tr class="odd">
-<td><p><strong>FFC:</strong> (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Partial Validation ) <strong>SCHEMES</strong> [ <strong>dhEphem</strong> ( KARole(s): Initiator / Responder )<br />
-( <strong>FB:</strong> SHA256 ) ( <strong>FC:</strong> SHA256 ) ]<br />
-[ <strong>dhOneFlow</strong> ( KARole(s): Initiator / Responder ) ( <strong>FB:</strong> SHA256 ) ( <strong>FC:</strong> SHA256 ) ] [ <strong>dhStatic</strong> ( <strong>No_KC</strong> &amp;lt; KARole(s): Initiator / Responder&amp;gt; ) ( <strong>FB:</strong> SHA256 HMAC ) ( <strong>FC:</strong> SHA256   HMAC ) ]<br />
+<td><p><b>FFC:</b> (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Partial Validation ) <b>SCHEMES</b> [ <b>dhEphem</b> ( KARole(s): Initiator / Responder )<br />
+( <b>FB:</b> SHA256 ) ( <b>FC:</b> SHA256 ) ]<br />
+[ <b>dhOneFlow</b> ( KARole(s): Initiator / Responder ) ( <b>FB:</b> SHA256 ) ( <b>FC:</b> SHA256 ) ] [ <b>dhStatic</b> ( <b>No_KC</b> &amp;lt; KARole(s): Initiator / Responder&amp;gt; ) ( <b>FB:</b> SHA256 HMAC ) ( <b>FC:</b> SHA256   HMAC ) ]<br />
 SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3649">Val# 3649</a><br />
 DSA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#1188">Val#1188</a><br />
 DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1430">Val#1430</a></p>
-<p><strong>ECC:</strong> (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Partial Validation   Key Regeneration ) <strong>SCHEMES</strong> [ <strong>EphemeralUnified</strong> ( <strong>No_KC</strong> &amp;lt; KARole(s): Initiator / Responder&amp;gt; ) ( <strong>EC:</strong> P-256   SHA256   HMAC ) ( <strong>ED:</strong> P-384   SHA384   HMAC ) ( <strong>EE:</strong> P-521 HMAC (SHA512, HMAC_SHA512) ) ) ]<br />
-[ <strong>OnePassDH</strong> ( <strong>No_KC</strong> &amp;lt; KARole(s): Initiator / Responder&amp;gt; ) ( <strong>EC:</strong> P-256   SHA256   HMAC ) ( <strong>ED:</strong> P-384   SHA384   HMAC ) ( <strong>EE:</strong> P-521   HMAC (SHA512, HMAC_SHA512) ) ]<br />
-[ <strong>StaticUnified</strong> ( <strong>No_KC</strong> &amp;lt; KARole(s): Initiator / Responder&amp;gt; ) ( <strong>EC:</strong> P-256   SHA256   HMAC ) ( <strong>ED:</strong> P-384   SHA384   HMAC ) ( <strong>EE:</strong> P-521   HMAC (SHA512, HMAC_SHA512) ) ]</p></td>
+<p><b>ECC:</b> (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Partial Validation   Key Regeneration ) <b>SCHEMES</b> [ <b>EphemeralUnified</b> ( <b>No_KC</b> &amp;lt; KARole(s): Initiator / Responder&amp;gt; ) ( <b>EC:</b> P-256   SHA256   HMAC ) ( <b>ED:</b> P-384   SHA384   HMAC ) ( <b>EE:</b> P-521 HMAC (SHA512, HMAC_SHA512) ) ) ]<br />
+[ <b>OnePassDH</b> ( <b>No_KC</b> &amp;lt; KARole(s): Initiator / Responder&amp;gt; ) ( <b>EC:</b> P-256   SHA256   HMAC ) ( <b>ED:</b> P-384   SHA384   HMAC ) ( <b>EE:</b> P-521   HMAC (SHA512, HMAC_SHA512) ) ]<br />
+[ <b>StaticUnified</b> ( <b>No_KC</b> &amp;lt; KARole(s): Initiator / Responder&amp;gt; ) ( <b>EC:</b> P-256   SHA256   HMAC ) ( <b>ED:</b> P-384   SHA384   HMAC ) ( <b>EE:</b> P-521   HMAC (SHA512, HMAC_SHA512) ) ]</p></td>
 <td><p>Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#115">#115</a></p>
 <p>Version 7.00.2872</p></td>
 </tr>
 <tr class="even">
-<td><p><strong>FFC:</strong> (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Partial Validation ) <strong>SCHEMES</strong> [ <strong>dhEphem</strong> ( KARole(s): Initiator / Responder )<br />
-( <strong>FB:</strong> SHA256 ) ( <strong>FC:</strong> SHA256 ) ]<br />
-[ <strong>dhHybridOneFlow</strong> ( <strong>No_KC</strong> &amp;lt; KARole(s): Initiator / Responder&amp;gt; ) ( <strong>FB:</strong>SHA256 HMAC ) ( <strong>FC:</strong> SHA256   HMAC ) ]<br />
-[ <strong>dhStatic</strong> ( <strong>No_KC</strong> &amp;lt; KARole(s): Initiator / Responder&amp;gt; ) ( <strong>FB:</strong>SHA256 HMAC ) ( <strong>FC:</strong> SHA256   HMAC ) ]<br />
+<td><p><b>FFC:</b> (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Partial Validation ) <b>SCHEMES</b> [ <b>dhEphem</b> ( KARole(s): Initiator / Responder )<br />
+( <b>FB:</b> SHA256 ) ( <b>FC:</b> SHA256 ) ]<br />
+[ <b>dhHybridOneFlow</b> ( <b>No_KC</b> &amp;lt; KARole(s): Initiator / Responder&amp;gt; ) ( <b>FB:</b>SHA256 HMAC ) ( <b>FC:</b> SHA256   HMAC ) ]<br />
+[ <b>dhStatic</b> ( <b>No_KC</b> &amp;lt; KARole(s): Initiator / Responder&amp;gt; ) ( <b>FB:</b>SHA256 HMAC ) ( <b>FC:</b> SHA256   HMAC ) ]<br />
 SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3648">Val#3648</a><br />
 DSA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#1187">Val#1187</a><br />
 DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1429">Val#1429</a></p>
-<p><strong>ECC:</strong> (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Partial Validation   Key Regeneration ) <strong>SCHEMES</strong> [ <strong>EphemeralUnified</strong> ( <strong>No_KC</strong> ) ( <strong>EC:</strong> P-256   SHA256   HMAC ) ( <strong>ED:</strong> P-384   SHA384   HMAC ) ( <strong>EE:</strong> P-521 HMAC (SHA512, HMAC_SHA512) ) ) ]<br />
-[ <strong>OnePassDH</strong> ( <strong>No_KC</strong> &amp;lt; KARole(s): Initiator / Responder&amp;gt; ) ( <strong>EC:</strong> P-256   SHA256   HMAC ) ( <strong>ED:</strong> P-384   SHA384   HMAC ) ( <strong>EE:</strong> P-521   HMAC (SHA512, HMAC_SHA512) ) ]<br />
-[ <strong>StaticUnified</strong> ( <strong>No_KC</strong> &amp;lt; KARole(s): Initiator / Responder&amp;gt; ) ( <strong>EC:</strong> P-256   SHA256   HMAC ) ( <strong>ED:</strong> P-384   SHA384   HMAC ) ( <strong>EE:</strong> P-521   HMAC (SHA512, HMAC_SHA512) ) ]<br />
+<p><b>ECC:</b> (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Partial Validation   Key Regeneration ) <b>SCHEMES</b> [ <b>EphemeralUnified</b> ( <b>No_KC</b> ) ( <b>EC:</b> P-256   SHA256   HMAC ) ( <b>ED:</b> P-384   SHA384   HMAC ) ( <b>EE:</b> P-521 HMAC (SHA512, HMAC_SHA512) ) ) ]<br />
+[ <b>OnePassDH</b> ( <b>No_KC</b> &amp;lt; KARole(s): Initiator / Responder&amp;gt; ) ( <b>EC:</b> P-256   SHA256   HMAC ) ( <b>ED:</b> P-384   SHA384   HMAC ) ( <b>EE:</b> P-521   HMAC (SHA512, HMAC_SHA512) ) ]<br />
+[ <b>StaticUnified</b> ( <b>No_KC</b> &amp;lt; KARole(s): Initiator / Responder&amp;gt; ) ( <b>EC:</b> P-256   SHA256   HMAC ) ( <b>ED:</b> P-384   SHA384   HMAC ) ( <b>EE:</b> P-521   HMAC (SHA512, HMAC_SHA512) ) ]<br />
 <br />
 SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3648">Val#3648</a><br />
 ECDSA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#1072">Val#1072</a><br />
@@ -4838,19 +4838,19 @@ DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-
 <p>Version 8.00.6246</p></td>
 </tr>
 <tr class="odd">
-<td><p><strong>ECC:</strong>  (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )<br />
-<strong>SCHEMES  [ FullUnified  ( No_KC</strong>  &amp;lt; KARole(s): Initiator / Responder &amp;gt; &amp;lt; KDF: CONCAT &amp;gt; ) ( <strong>EC:</strong>  P-256   SHA256   HMAC ) ( <strong>ED:</strong>  P-384   SHA384   HMAC ) ]</p>
+<td><p><b>ECC:</b>  (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Full Validation   Key Regeneration )<br />
+<b>SCHEMES  [ FullUnified  ( No_KC</b>  &amp;lt; KARole(s): Initiator / Responder &amp;gt; &amp;lt; KDF: CONCAT &amp;gt; ) ( <b>EC:</b>  P-256   SHA256   HMAC ) ( <b>ED:</b>  P-384   SHA384   HMAC ) ]</p>
 <p>SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347">Val# 3347</a> ECDSA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#920">Val#920</a> DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1222">Val#1222</a></p></td>
 <td><p>Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4 and Surface Pro 3 w/ Windows 10 Anniversary Update Virtual TPM Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#93">#93</a></p>
 <p>Version 10.0.14393</p></td>
 </tr>
 <tr class="even">
-<td><p><strong>FFC:</strong> (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Partial Validation )<br />
-<strong>SCHEMES</strong>  [ dhEphem  ( KARole(s): Initiator / Responder )<br />
-( <strong>FB:</strong> SHA256 ) ( <strong>FC:</strong> SHA256 ) ]<br />
-[ dhOneFlow ( KARole(s): Initiator / Responder ) ( <strong>FB:</strong>  SHA256 ) ( <strong>FC:</strong>  SHA256 ) ] [ <strong>dhStatic (No_KC</strong>  &amp;lt; KARole(s): Initiator / Responder &amp;gt; ) ( FB:  SHA256 HMAC ) ( FC:  SHA256   HMAC ) ]</p>
+<td><p><b>FFC:</b> (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Partial Validation )<br />
+<b>SCHEMES</b>  [ dhEphem  ( KARole(s): Initiator / Responder )<br />
+( <b>FB:</b> SHA256 ) ( <b>FC:</b> SHA256 ) ]<br />
+[ dhOneFlow ( KARole(s): Initiator / Responder ) ( <b>FB:</b>  SHA256 ) ( <b>FC:</b>  SHA256 ) ] [ <b>dhStatic (No_KC</b>  &amp;lt; KARole(s): Initiator / Responder &amp;gt; ) ( FB:  SHA256 HMAC ) ( FC:  SHA256   HMAC ) ]</p>
 <p>SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347">Val# 3347</a> DSA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#1098">Val#1098</a> DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1217">Val#1217</a></p>
-<p><strong>ECC:</strong>  (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Partial Validation   Key Regeneration ) <strong>SCHEMES</strong>  [ EphemeralUnified ( No_KC  &amp;lt; KARole(s): Initiator / Responder &amp;gt; ) ( EC:  P-256   SHA256   HMAC ) ( ED:  P-384   SHA384   HMAC ) ( EE:  P-521 HMAC (SHA512, HMAC_SHA512) ) ) ]<br />
+<p><b>ECC:</b>  (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Partial Validation   Key Regeneration ) <b>SCHEMES</b>  [ EphemeralUnified ( No_KC  &amp;lt; KARole(s): Initiator / Responder &amp;gt; ) ( EC:  P-256   SHA256   HMAC ) ( ED:  P-384   SHA384   HMAC ) ( EE:  P-521 HMAC (SHA512, HMAC_SHA512) ) ) ]<br />
 [ OnePassDH  ( No_KC  &amp;lt; KARole(s): Initiator / Responder &amp;gt; ) ( EC:  P-256   SHA256   HMAC ) ( ED:  P-384   SHA384   HMAC ) ( EE:  P-521   HMAC (SHA512, HMAC_SHA512) ) ]<br />
 [ StaticUnified ( No_KC  &amp;lt; KARole(s): Initiator / Responder &amp;gt; ) ( EC:  P-256   SHA256   HMAC ) ( ED:  P-384   SHA384   HMAC ) ( EE:  P-521   HMAC (SHA512, HMAC_SHA512) ) ]</p>
 <p>SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347">Val# 3347</a> DSA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#1098">Val#1098</a> ECDSA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#911">Val#911</a> DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1217">Val#1217</a> HMAC <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2651">Val#2651</a></p></td>
@@ -4858,11 +4858,11 @@ DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-
 <p>Version 10.0.14393</p></td>
 </tr>
 <tr class="odd">
-<td><p><strong>FFC:</strong> (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Partial Validation ) SCHEMES  [ dhEphem  ( KARole(s): Initiator / Responder )<br />
+<td><p><b>FFC:</b> (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Partial Validation ) SCHEMES  [ dhEphem  ( KARole(s): Initiator / Responder )<br />
 ( FB: SHA256 ) ( FC: SHA256 ) ]<br />
 [ dhOneFlow ( KARole(s): Initiator / Responder ) ( FB:  SHA256 ) ( FC:  SHA256 ) ] [ dhStatic ( No_KC  &amp;lt; KARole(s): Initiator / Responder &amp;gt; ) ( FB:  SHA256 HMAC ) ( FC:  SHA256   HMAC ) ]</p>
 <p>SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3047">Val# 3047</a> DSA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#1024">Val#1024</a> DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#955">Val#955</a></p>
-<p><strong>ECC:</strong>  (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Partial Validation   Key Regeneration ) SCHEMES  [ EphemeralUnified ( No_KC  &amp;lt; KARole(s): Initiator / Responder &amp;gt; ) ( EC:  P-256   SHA256   HMAC ) ( ED:  P-384   SHA384   HMAC ) ( EE:  P-521 HMAC (SHA512, HMAC_SHA512) ) ) ]<br />
+<p><b>ECC:</b>  (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Partial Validation   Key Regeneration ) SCHEMES  [ EphemeralUnified ( No_KC  &amp;lt; KARole(s): Initiator / Responder &amp;gt; ) ( EC:  P-256   SHA256   HMAC ) ( ED:  P-384   SHA384   HMAC ) ( EE:  P-521 HMAC (SHA512, HMAC_SHA512) ) ) ]<br />
 [ OnePassDH  ( No_KC  &amp;lt; KARole(s): Initiator / Responder &amp;gt; ) ( EC:  P-256   SHA256   HMAC ) ( ED:  P-384   SHA384   HMAC ) ( EE:  P-521   HMAC (SHA512, HMAC_SHA512) ) ]<br />
 [ StaticUnified ( No_KC  &amp;lt; KARole(s): Initiator / Responder &amp;gt; ) ( EC:  P-256   SHA256   HMAC ) ( ED:  P-384   SHA384   HMAC ) ( EE:  P-521   HMAC (SHA512, HMAC_SHA512) ) ]</p>
 <p>SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3047">Val# 3047</a> ECDSA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#760">Val#760</a> DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#955">Val#955</a></p></td>
@@ -4870,11 +4870,11 @@ DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-
 <p>Version 10.0.10586</p></td>
 </tr>
 <tr class="even">
-<td><p><strong>FFC:</strong> (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Partial Validation ) SCHEMES  [ dhEphem  ( KARole(s): Initiator / Responder )<br />
+<td><p><b>FFC:</b> (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Partial Validation ) SCHEMES  [ dhEphem  ( KARole(s): Initiator / Responder )<br />
 ( FB: SHA256 ) ( FC: SHA256 ) ]<br />
 [ dhOneFlow ( KARole(s): Initiator / Responder ) ( FB:  SHA256 ) ( FC:  SHA256 ) ] [ dhStatic ( No_KC  &amp;lt; KARole(s): Initiator / Responder &amp;gt; ) ( FB:  SHA256 HMAC ) ( FC:  SHA256   HMAC ) ]</p>
 <p>SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2886">Val# 2886</a> DSA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#983">Val#983</a> DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#868">Val#868</a></p>
-<p><strong>ECC:</strong>  (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Partial Validation   Key Regeneration ) SCHEMES  [ EphemeralUnified ( No_KC  &amp;lt; KARole(s): Initiator / Responder &amp;gt; ) ( EC:  P-256   SHA256   HMAC ) ( ED:  P-384   SHA384   HMAC ) ( EE:  P-521 HMAC (SHA512, HMAC_SHA512) ) ) ]<br />
+<p><b>ECC:</b>  (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Partial Validation   Key Regeneration ) SCHEMES  [ EphemeralUnified ( No_KC  &amp;lt; KARole(s): Initiator / Responder &amp;gt; ) ( EC:  P-256   SHA256   HMAC ) ( ED:  P-384   SHA384   HMAC ) ( EE:  P-521 HMAC (SHA512, HMAC_SHA512) ) ) ]<br />
 [ OnePassDH  ( No_KC  &amp;lt; KARole(s): Initiator / Responder &amp;gt; ) ( EC:  P-256   SHA256   HMAC ) ( ED:  P-384   SHA384   HMAC ) ( EE:  P-521   HMAC (SHA512, HMAC_SHA512) ) ]<br />
 [ StaticUnified ( No_KC  &amp;lt; KARole(s): Initiator / Responder &amp;gt; ) ( EC:  P-256   SHA256   HMAC ) ( ED:  P-384   SHA384   HMAC ) ( EE:  P-521   HMAC (SHA512, HMAC_SHA512) ) ]</p>
 <p>SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2886">Val# 2886</a> ECDSA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#706">Val#706</a> DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#868">Val#868</a></p></td>
@@ -4882,11 +4882,11 @@ DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-
 <p>Version 10.0.10240</p></td>
 </tr>
 <tr class="odd">
-<td><p><strong>FFC:</strong> (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Partial Validation ) SCHEMES  [ dhEphem  ( KARole(s): Initiator / Responder )<br />
+<td><p><b>FFC:</b> (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Partial Validation ) SCHEMES  [ dhEphem  ( KARole(s): Initiator / Responder )<br />
 ( FB: SHA256 ) ( FC: SHA256 ) ]<br />
 [ dhOneFlow ( KARole(s): Initiator / Responder ) ( FB:  SHA256 ) ( FC:  SHA256 ) ] [ dhStatic ( No_KC  &amp;lt; KARole(s): Initiator / Responder &amp;gt; ) ( FB:  SHA256 HMAC ) ( FC:  SHA256   HMAC ) ]</p>
 <p>SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2373">Val#2373</a> DSA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#855">Val#855</a> DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#489">Val#489</a></p>
-<p><strong>ECC:</strong>  (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Partial Validation   Key Regeneration ) SCHEMES  [ EphemeralUnified ( No_KC  &amp;lt; KARole(s): Initiator / Responder &amp;gt; ) ( EC:  P-256   SHA256   HMAC ) ( ED:  P-384   SHA384   HMAC ) ( EE:  P-521 HMAC (SHA512, HMAC_SHA512) ) ) ]<br />
+<p><b>ECC:</b>  (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG   DPV   KPG   Partial Validation   Key Regeneration ) SCHEMES  [ EphemeralUnified ( No_KC  &amp;lt; KARole(s): Initiator / Responder &amp;gt; ) ( EC:  P-256   SHA256   HMAC ) ( ED:  P-384   SHA384   HMAC ) ( EE:  P-521 HMAC (SHA512, HMAC_SHA512) ) ) ]<br />
 [ OnePassDH  ( No_KC  &amp;lt; KARole(s): Initiator / Responder &amp;gt; ) ( EC:  P-256   SHA256   HMAC ) ( ED:  P-384   SHA384   HMAC ) ( EE:  P-521   HMAC (SHA512, HMAC_SHA512) ) ]<br />
 [ StaticUnified ( No_KC  &amp;lt; KARole(s): Initiator / Responder &amp;gt; ) ( EC:  P-256   SHA256   HMAC ) ( ED:  P-384   SHA384   HMAC ) ( EE:  P-521   HMAC (SHA512, HMAC_SHA512) ) ]</p>
 <p>SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2373">Val#2373</a> ECDSA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#505">Val#505</a> DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#489">Val#489</a></p></td>
@@ -4894,20 +4894,20 @@ DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-
 <p>Version 6.3.9600</p></td>
 </tr>
 <tr class="even">
-<td><p><strong>FFC</strong>: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG DPV KPG Partial Validation ) SCHEMES [ <strong>dhEphem</strong> ( KARole(s): Initiator / Responder )<br />
-( <strong>FA</strong>: SHA256 ) ( <strong>FB</strong>: SHA256 ) ( <strong>FC</strong>: SHA256 ) ]<br />
-[ <strong>dhOneFlow</strong> ( KARole(s): Initiator / Responder ) ( <strong>FA</strong>: SHA256 ) ( <strong>FB</strong>: SHA256 ) ( <strong>FC</strong>: SHA256 ) ]<br />
-[ <strong>dhStatic</strong> ( <strong>No_KC</strong> &amp;lt; KARole(s): Initiator / Responder&amp;gt; ) ( <strong>FA</strong>: SHA256 HMAC ) ( <strong>FB</strong>: SHA256 HMAC ) ( <strong>FC</strong>: SHA256 HMAC ) ]<br />
+<td><p><b>FFC</b>: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG DPV KPG Partial Validation ) SCHEMES [ <b>dhEphem</b> ( KARole(s): Initiator / Responder )<br />
+( <b>FA</b>: SHA256 ) ( <b>FB</b>: SHA256 ) ( <b>FC</b>: SHA256 ) ]<br />
+[ <b>dhOneFlow</b> ( KARole(s): Initiator / Responder ) ( <b>FA</b>: SHA256 ) ( <b>FB</b>: SHA256 ) ( <b>FC</b>: SHA256 ) ]<br />
+[ <b>dhStatic</b> ( <b>No_KC</b> &amp;lt; KARole(s): Initiator / Responder&amp;gt; ) ( <b>FA</b>: SHA256 HMAC ) ( <b>FB</b>: SHA256 HMAC ) ( <b>FC</b>: SHA256 HMAC ) ]<br />
 SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903">#1903</a> DSA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/dsa#687">Val#687</a> DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#258">#258</a></p>
-<p><strong>ECC</strong>: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG DPV KPG Partial Validation Key Regeneration ) <strong>SCHEMES</strong> [ <strong>EphemeralUnified</strong> ( <strong>No_KC</strong> &amp;lt; KARole(s): Initiator / Responder&amp;gt; ) ( EC: P-256 SHA256 HMAC ) ( <strong>ED</strong>: P-384 SHA384 HMAC ) ( <strong>EE</strong>: P-521 HMAC (SHA512, HMAC_SHA512) ) ) ]<br />
-[ <strong>OnePassDH( No_KC</strong> &amp;lt; KARole(s): Initiator / Responder&amp;gt; ) ( <strong>EC</strong>: P-256 SHA256 ) ( <strong>ED</strong>: P-384 SHA384 ) ( <strong>EE</strong>: P-521 (SHA512, HMAC_SHA512) ) ) ]<br />
-[ <strong>StaticUnified</strong> ( <strong>No_KC</strong> &amp;lt; KARole(s): Initiator / Responder&amp;gt; ) ( <strong>EC</strong>: P-256 SHA256 HMAC ) ( <strong>ED</strong>: P-384 SHA384 HMAC ) ( <strong>EE</strong>: P-521 HMAC (SHA512, HMAC_SHA512) ) ]<br />
+<p><b>ECC</b>: (FUNCTIONS INCLUDED IN IMPLEMENTATION: DPG DPV KPG Partial Validation Key Regeneration ) <b>SCHEMES</b> [ <b>EphemeralUnified</b> ( <b>No_KC</b> &amp;lt; KARole(s): Initiator / Responder&amp;gt; ) ( EC: P-256 SHA256 HMAC ) ( <b>ED</b>: P-384 SHA384 HMAC ) ( <b>EE</b>: P-521 HMAC (SHA512, HMAC_SHA512) ) ) ]<br />
+[ <b>OnePassDH( No_KC</b> &amp;lt; KARole(s): Initiator / Responder&amp;gt; ) ( <b>EC</b>: P-256 SHA256 ) ( <b>ED</b>: P-384 SHA384 ) ( <b>EE</b>: P-521 (SHA512, HMAC_SHA512) ) ) ]<br />
+[ <b>StaticUnified</b> ( <b>No_KC</b> &amp;lt; KARole(s): Initiator / Responder&amp;gt; ) ( <b>EC</b>: P-256 SHA256 HMAC ) ( <b>ED</b>: P-384 SHA384 HMAC ) ( <b>EE</b>: P-521 HMAC (SHA512, HMAC_SHA512) ) ]<br />
 <br />
 SHS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903">#1903</a> ECDSA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/ecdsa#341">Val#341</a> DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#258">#258</a></p></td>
 <td>Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Cryptography Next Generation (CNG) Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#36">#36</a></td>
 </tr>
 <tr class="odd">
-<td><p><strong>KAS (SP 800–56A)</strong></p>
+<td><p><b>KAS (SP 800–56A)</b></p>
 <p>key agreement</p>
 <p>key establishment methodology provides 80 to 256 bits of encryption strength</p></td>
 <td><p>Windows 7 and SP1, vendor-affirmed</p>
@@ -4922,8 +4922,8 @@ SP 800-108 Key-Based Key Derivation Functions (KBKDF)
 <table>
 <tbody>
 <tr class="odd">
-<td><strong>Modes / States / Key Sizes</strong></td>
-<td><strong>Algorithm Implementation and Certificate #</strong></td>
+<td><b>Modes / States / Key Sizes</b></td>
+<td><b>Algorithm Implementation and Certificate #</b></td>
 </tr>
 <tr class="even">
 <td><ul>
@@ -5021,7 +5021,7 @@ SP 800-108 Key-Based Key Derivation Functions (KBKDF)
 <p>Version 10.0.16299</p></td>
 </tr>
 <tr class="odd">
-<td><strong>CTR_Mode:</strong> ( Llength( Min0 Max0 ) MACSupported( [HMACSHA1] [HMACSHA256] [HMACSHA384] ) LocationCounter( [BeforeFixedData] ) rlength( [32] ) )<br />
+<td><b>CTR_Mode:</b> ( Llength( Min0 Max0 ) MACSupported( [HMACSHA1] [HMACSHA256] [HMACSHA384] ) LocationCounter( [BeforeFixedData] ) rlength( [32] ) )<br />
 <br />
 KAS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#128">Val#128</a><br />
 DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1556">Val#1556</a><br />
@@ -5030,7 +5030,7 @@ MAC <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-p
 <p>Version 10.0.15063</p></td>
 </tr>
 <tr class="even">
-<td><strong>CTR_Mode:</strong> ( Llength( Min20 Max64 ) MACSupported( [CMACAES128] [CMACAES192] [CMACAES256] [HMACSHA1] [HMACSHA256] [HMACSHA384] [HMACSHA512] ) LocationCounter( [BeforeFixedData] ) rlength( [32] ) )<br />
+<td><b>CTR_Mode:</b> ( Llength( Min20 Max64 ) MACSupported( [CMACAES128] [CMACAES192] [CMACAES256] [HMACSHA1] [HMACSHA256] [HMACSHA384] [HMACSHA512] ) LocationCounter( [BeforeFixedData] ) rlength( [32] ) )<br />
 <br />
 KAS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#127">Val#127</a><br />
 AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4624">Val#4624</a><br />
@@ -5040,37 +5040,37 @@ MAC <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-p
 <p>Version 10.0.15063</p></td>
 </tr>
 <tr class="odd">
-<td><p><strong>CTR_Mode:</strong>  ( Llength( Min20 Max64 ) MACSupported( [HMACSHA1] [HMACSHA256] [HMACSHA384] ) LocationCounter( [BeforeFixedData] ) rlength( [32] ) )</p>
+<td><p><b>CTR_Mode:</b>  ( Llength( Min20 Max64 ) MACSupported( [HMACSHA1] [HMACSHA256] [HMACSHA384] ) LocationCounter( [BeforeFixedData] ) rlength( [32] ) )</p>
 <p>KAS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#93">Val#93</a> DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1222">Val#1222</a> MAC <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2661">Val#2661</a></p></td>
 <td><p>Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4 and Surface Pro 3 w/ Windows 10 Anniversary Update Virtual TPM Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kdf#102">#102</a></p>
 <p>Version 10.0.14393</p></td>
 </tr>
 <tr class="even">
-<td><p><strong>CTR_Mode:</strong>  ( Llength( Min20 Max64 ) MACSupported( [CMACAES128] [CMACAES192] [CMACAES256] [HMACSHA1] [HMACSHA256] [HMACSHA384] [HMACSHA512] ) LocationCounter( [BeforeFixedData] ) rlength( [32] ) )</p>
+<td><p><b>CTR_Mode:</b>  ( Llength( Min20 Max64 ) MACSupported( [CMACAES128] [CMACAES192] [CMACAES256] [HMACSHA1] [HMACSHA256] [HMACSHA384] [HMACSHA512] ) LocationCounter( [BeforeFixedData] ) rlength( [32] ) )</p>
 <p>KAS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#92">Val#92</a> AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#4064">Val#4064</a> DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1217">Val#1217</a> MAC <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2651">Val#2651</a></p></td>
 <td><p>Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update Cryptography Next Generation (CNG) Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kdf#101">#101</a></p>
 <p>Version 10.0.14393</p></td>
 </tr>
 <tr class="odd">
-<td><p><strong>CTR_Mode:</strong>  ( Llength( Min20 Max64 ) MACSupported( [CMACAES128] [CMACAES192] [CMACAES256] [HMACSHA1] [HMACSHA256] [HMACSHA384] [HMACSHA512] ) LocationCounter( [BeforeFixedData] ) rlength( [32] ) )</p>
+<td><p><b>CTR_Mode:</b>  ( Llength( Min20 Max64 ) MACSupported( [CMACAES128] [CMACAES192] [CMACAES256] [HMACSHA1] [HMACSHA256] [HMACSHA384] [HMACSHA512] ) LocationCounter( [BeforeFixedData] ) rlength( [32] ) )</p>
 <p>KAS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#72">Val#72</a> AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3629">Val#3629</a> DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#955">Val#955</a> MAC <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2381">Val#2381</a></p></td>
 <td><p>Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub 84” and Surface Hub 55” Cryptography Next Generation (CNG) Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kdf#72">#72</a></p>
 <p>Version 10.0.10586</p></td>
 </tr>
 <tr class="even">
-<td><p><strong>CTR_Mode:</strong>  ( Llength( Min20 Max64 ) MACSupported( [CMACAES128] [CMACAES192] [CMACAES256] [HMACSHA1] [HMACSHA256] [HMACSHA384] [HMACSHA512] ) LocationCounter( [BeforeFixedData] ) rlength( [32] ) )</p>
+<td><p><b>CTR_Mode:</b>  ( Llength( Min20 Max64 ) MACSupported( [CMACAES128] [CMACAES192] [CMACAES256] [HMACSHA1] [HMACSHA256] [HMACSHA384] [HMACSHA512] ) LocationCounter( [BeforeFixedData] ) rlength( [32] ) )</p>
 <p>KAS <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kas#64">Val#64</a> AES <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/aes#3497">Val#3497</a> RBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#868">Val#868</a> MAC <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#2233">Val#2233</a></p></td>
 <td><p>Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 Cryptography Next Generation (CNG) Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kdf#66">#66</a></p>
 <p>Version 10.0.10240</p></td>
 </tr>
 <tr class="odd">
-<td><p><strong>CTR_Mode:</strong>  ( Llength( Min0 Max0 ) MACSupported( [HMACSHA1] [HMACSHA256] [HMACSHA512] ) LocationCounter( [BeforeFixedData] ) rlength( [32] ) )</p>
+<td><p><b>CTR_Mode:</b>  ( Llength( Min0 Max0 ) MACSupported( [HMACSHA1] [HMACSHA256] [HMACSHA512] ) LocationCounter( [BeforeFixedData] ) rlength( [32] ) )</p>
 <p>DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#489">Val#489</a> MAC <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#1773">Val#1773</a></p></td>
 <td><p>Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry and Microsoft StorSimple 8100 Cryptography Next Generation Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/kdf#30">#30</a></p>
 <p>Version 6.3.9600</p></td>
 </tr>
 <tr class="even">
-<td><p><strong>CTR_Mode</strong>: ( Llength( Min0 Max4 ) MACSupported( [HMACSHA1] [HMACSHA256] [HMACSHA512] ) LocationCounter( [BeforeFixedData] ) rlength( [32] ) )</p>
+<td><p><b>CTR_Mode</b>: ( Llength( Min0 Max4 ) MACSupported( [HMACSHA1] [HMACSHA256] [HMACSHA512] ) LocationCounter( [BeforeFixedData] ) rlength( [32] ) )</p>
 <p>DRBG <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#258">#258</a> HMAC <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/hmac#1345">Val#1345</a></p></td>
 <td>Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Cryptography Next Generation (CNG) Implementations <a href="http://csrc.nist.gov/groups/stm/cavp/documents/kbkdf800-108/kbkdfval.htm#3">#3</a></td>
 </tr>
@@ -5087,34 +5087,34 @@ Random Number Generator (RNG)
 </colgroup>
 <tbody>
 <tr class="odd">
-<td><strong>Modes / States / Key Sizes</strong></td>
-<td><strong>Algorithm Implementation and Certificate #</strong></td>
+<td><b>Modes / States / Key Sizes</b></td>
+<td><b>Algorithm Implementation and Certificate #</b></td>
 </tr>
 <tr class="even">
-<td><p><strong>FIPS 186-2 General Purpose</strong></p>
-<p><strong>[ (x-Original); (SHA-1) ]</strong></p></td>
+<td><p><b>FIPS 186-2 General Purpose</b></p>
+<p><b>[ (x-Original); (SHA-1) ]</b></p></td>
 <td>Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Cryptography Next Generation (CNG) Implementations #<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rng#1110">1110</a></td>
 </tr>
 <tr class="odd">
-<td><strong>FIPS 186-2<br />
-[ (x-Original); (SHA-1) ]</strong></td>
+<td><b>FIPS 186-2<br />
+[ (x-Original); (SHA-1) ]</b></td>
 <td><p>Windows Embedded Compact 7 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rng#1060">#1060</a></p>
 <p>Windows CE 6.0 and Windows CE 6.0 R2 and Windows Mobile Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rng#292">#292</a></p>
 <p>Windows CE and Windows Mobile 6.0 and Windows Mobile 6.5 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rng#286">#286</a></p>
 <p>Windows CE 5.00 and Window CE 5.01 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rng#66">#66</a></p></td>
 </tr>
 <tr class="even">
-<td><p><strong>FIPS 186-2<br />
-[ (x-Change Notice); (SHA-1) ]</strong></p>
-<p><strong>FIPS 186-2 General Purpose<br />
-[ (x-Change Notice); (SHA-1) ]</strong></p></td>
+<td><p><b>FIPS 186-2<br />
+[ (x-Change Notice); (SHA-1) ]</b></p>
+<p><b>FIPS 186-2 General Purpose<br />
+[ (x-Change Notice); (SHA-1) ]</b></p></td>
 <td><p>Windows 7 and SP1 and Windows Server 2008 R2 and SP1 RNG Library <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rng#649">#649</a></p>
 <p>Windows Vista Ultimate SP1 and Windows Server 2008 RNG Implementation <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rng#435">#435</a></p>
 <p>Windows Vista RNG implementation <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rng#321">#321</a></p></td>
 </tr>
 <tr class="odd">
-<td><strong>FIPS 186-2 General Purpose<br />
-[ (x-Change Notice); (SHA-1) ]</strong></td>
+<td><b>FIPS 186-2 General Purpose<br />
+[ (x-Change Notice); (SHA-1) ]</b></td>
 <td><p>Windows Server 2003 SP2 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rng#470">#470</a></p>
 <p>Windows XP Professional SP3 Kernel Mode Cryptographic Module (fips.sys) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rng#449">#449</a></p>
 <p>Windows XP Professional SP3 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rng#447">#447</a></p>
@@ -5122,8 +5122,8 @@ Random Number Generator (RNG)
 <p>Windows Server 2003 SP2 Kernel Mode Cryptographic Module (fips.sys) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rng#313">#313</a></p></td>
 </tr>
 <tr class="even">
-<td><strong>FIPS 186-2<br />
-[ (x-Change Notice); (SHA-1) ]</strong></td>
+<td><b>FIPS 186-2<br />
+[ (x-Change Notice); (SHA-1) ]</b></td>
 <td><p>Windows XP Professional SP3 Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rng#448">#448</a></p>
 <p>Windows Server 2003 SP2 Enhanced DSS and Diffie-Hellman Cryptographic Provider <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rng#314">#314</a></p></td>
 </tr>
@@ -5140,8 +5140,8 @@ Random Number Generator (RNG)
 </colgroup>
 <tbody>
 <tr class="odd">
-<td><strong>Modes / States / Key Sizes</strong></td>
-<td><strong>Algorithm Implementation and Certificate #</strong></td>
+<td><b>Modes / States / Key Sizes</b></td>
+<td><b>Algorithm Implementation and Certificate #</b></td>
 </tr>
 <tr class="even">
 <td><p>RSA:</p>
@@ -5711,419 +5711,419 @@ Random Number Generator (RNG)
 <p>Version 10.0.16299</p></td>
 </tr>
 <tr class="odd">
-<td><strong>FIPS186-4:<br />
-ALG[RSASSA-PKCS1_V1_5]</strong> SIG(gen) (2048 SHA( 1 , 256 , 384 )) <strong><em>SIG(gen) with SHA-1 affirmed for use with protocols only.</em><br />
-</strong> SIG(Ver) (1024 SHA( 1 , 256 , 384 )) (2048 SHA( 1 , 256 , 384 ))<br />
-<strong>[RSASSA-PSS]:</strong> Sig(Gen): (2048 SHA( 1 SaltLen( 20 ) , 256 SaltLen( 32 ) , 384 SaltLen( 48 ) )) <strong><em>SIG(gen) with SHA-1 affirmed for use with protocols only.</em><br />
-</strong> Sig(Ver): (1024 SHA( 1 SaltLen( 20 ) , 256 SaltLen( 32 ) , 384 SaltLen( 48 ) )) (2048 SHA( 1 SaltLen( 20 ) , 256 SaltLen( 32 ) , 384 SaltLen( 48 ) ))<br />
+<td><b>FIPS186-4:<br />
+ALG[RSASSA-PKCS1_V1_5]</b> SIG(gen) (2048 SHA( 1 , 256 , 384 )) <b><em>SIG(gen) with SHA-1 affirmed for use with protocols only.</em><br />
+</b> SIG(Ver) (1024 SHA( 1 , 256 , 384 )) (2048 SHA( 1 , 256 , 384 ))<br />
+<b>[RSASSA-PSS]:</b> Sig(Gen): (2048 SHA( 1 SaltLen( 20 ) , 256 SaltLen( 32 ) , 384 SaltLen( 48 ) )) <b><em>SIG(gen) with SHA-1 affirmed for use with protocols only.</em><br />
+</b> Sig(Ver): (1024 SHA( 1 SaltLen( 20 ) , 256 SaltLen( 32 ) , 384 SaltLen( 48 ) )) (2048 SHA( 1 SaltLen( 20 ) , 256 SaltLen( 32 ) , 384 SaltLen( 48 ) ))<br />
 SHA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790">Val#3790</a></td>
 <td><p>Windows 10 Creators Update (version 1703) Pro, Enterprise, Education Virtual TPM Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2524">#2524</a></p>
 <p>Version 10.0.15063</p></td>
 </tr>
 <tr class="even">
-<td><strong>FIPS186-4:<br />
-ALG[RSASSA-PKCS1_V1_5]</strong> SIG(Ver) (1024 SHA( 1 , 256 , 384 , 512 )) (2048 SHA( 1 , 256 , 384 , 512 )) (3072 SHA( 1 , 256 , 384 , 512 ))<br />
+<td><b>FIPS186-4:<br />
+ALG[RSASSA-PKCS1_V1_5]</b> SIG(Ver) (1024 SHA( 1 , 256 , 384 , 512 )) (2048 SHA( 1 , 256 , 384 , 512 )) (3072 SHA( 1 , 256 , 384 , 512 ))<br />
 SHA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790">Val#3790</a></td>
 <td><p>Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile RSA32 Algorithm Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2523">#2523</a></p>
 <p>Version 10.0.15063</p></td>
 </tr>
 <tr class="odd">
-<td><strong>FIPS186-4:<br />
-186-4KEY(gen):</strong> FIPS186-4_Fixed_e ( 10001 ) ;<br />
-<strong>PGM(ProbPrimeCondition):</strong> 2048 , 3072 <strong>PPTT:</strong>( C.3 )<br />
-<strong>ALG[RSASSA-PKCS1_V1_5]</strong> SIG(gen) (2048 SHA( 1 , 256 , 384 , 512 )) (3072 SHA( 1 , 256 , 384 , 512 )) <strong><em>SIG(gen) with SHA-1 affirmed for use with protocols only.</em><br />
-</strong> SIG(Ver) (1024 SHA( 1 , 256 , 384 , 512 )) (2048 SHA( 1 , 256 , 384 , 512 )) (3072 SHA( 1 , 256 , 384 , 512 ))<br />
-<strong>[RSASSA-PSS]:</strong> Sig(Gen): (2048 SHA( 1 SaltLen( 20 ) , 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 64 ) )) (3072 SHA( 1 SaltLen( 20 ) , 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 64 ) )) <strong><em>SIG(gen) with SHA-1 affirmed for use with protocols only.</em><br />
-</strong> Sig(Ver): (1024 SHA( 1 SaltLen( 20 ) , 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 62 ) )) (2048 SHA( 1 SaltLen( 20 ) , 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 64 ) )) (3072 SHA( 1 SaltLen( 20 ) , 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 64 ) ))<br />
+<td><b>FIPS186-4:<br />
+186-4KEY(gen):</b> FIPS186-4_Fixed_e ( 10001 ) ;<br />
+<b>PGM(ProbPrimeCondition):</b> 2048 , 3072 <b>PPTT:</b>( C.3 )<br />
+<b>ALG[RSASSA-PKCS1_V1_5]</b> SIG(gen) (2048 SHA( 1 , 256 , 384 , 512 )) (3072 SHA( 1 , 256 , 384 , 512 )) <b><em>SIG(gen) with SHA-1 affirmed for use with protocols only.</em><br />
+</b> SIG(Ver) (1024 SHA( 1 , 256 , 384 , 512 )) (2048 SHA( 1 , 256 , 384 , 512 )) (3072 SHA( 1 , 256 , 384 , 512 ))<br />
+<b>[RSASSA-PSS]:</b> Sig(Gen): (2048 SHA( 1 SaltLen( 20 ) , 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 64 ) )) (3072 SHA( 1 SaltLen( 20 ) , 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 64 ) )) <b><em>SIG(gen) with SHA-1 affirmed for use with protocols only.</em><br />
+</b> Sig(Ver): (1024 SHA( 1 SaltLen( 20 ) , 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 62 ) )) (2048 SHA( 1 SaltLen( 20 ) , 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 64 ) )) (3072 SHA( 1 SaltLen( 20 ) , 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 64 ) ))<br />
 SHA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790">Val#3790</a><br />
 DRBG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1555">Val# 1555</a></td>
 <td><p>Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile MsBignum Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2522">#2522</a></p>
 <p>Version 10.0.15063</p></td>
 </tr>
 <tr class="even">
-<td><strong>FIPS186-4:<br />
+<td><b>FIPS186-4:<br />
 186-4KEY(gen):<br />
-PGM(ProbRandom:</strong> ( 2048 , 3072 ) <strong>PPTT:</strong>( C.2 )<br />
-<strong>ALG[RSASSA-PKCS1_V1_5]</strong> SIG(gen) (2048 SHA( 1 , 256 , 384 , 512 )) (3072 SHA( 1 , 256 , 384 , 512 )) <strong><em>SIG(gen) with SHA-1 affirmed for use with protocols only.</em><br />
-</strong> SIG(Ver) (1024 SHA( 1 , 256 , 384 , 512 )) (2048 SHA( 1 , 256 , 384 , 512 )) (3072 SHA( 1 , 256 , 384 , 512 ))<br />
-<strong>[RSASSA-PSS]:</strong> Sig(Gen): (2048 SHA( 1 SaltLen( 20 ) , 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 64 ) )) (3072 SHA( 1 SaltLen( 20 ) , 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 64 ) )) <strong><em>SIG(gen) with SHA-1 affirmed for use with protocols only.</em><br />
-</strong> Sig(Ver): (1024 SHA( 1 SaltLen( 20 ) , 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 62 ) )) (2048 SHA( 1 SaltLen( 20 ) , 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 64 ) )) (3072 SHA( 1 SaltLen( 20 ) , 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 64 ) ))<br />
+PGM(ProbRandom:</b> ( 2048 , 3072 ) <b>PPTT:</b>( C.2 )<br />
+<b>ALG[RSASSA-PKCS1_V1_5]</b> SIG(gen) (2048 SHA( 1 , 256 , 384 , 512 )) (3072 SHA( 1 , 256 , 384 , 512 )) <b><em>SIG(gen) with SHA-1 affirmed for use with protocols only.</em><br />
+</b> SIG(Ver) (1024 SHA( 1 , 256 , 384 , 512 )) (2048 SHA( 1 , 256 , 384 , 512 )) (3072 SHA( 1 , 256 , 384 , 512 ))<br />
+<b>[RSASSA-PSS]:</b> Sig(Gen): (2048 SHA( 1 SaltLen( 20 ) , 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 64 ) )) (3072 SHA( 1 SaltLen( 20 ) , 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 64 ) )) <b><em>SIG(gen) with SHA-1 affirmed for use with protocols only.</em><br />
+</b> Sig(Ver): (1024 SHA( 1 SaltLen( 20 ) , 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 62 ) )) (2048 SHA( 1 SaltLen( 20 ) , 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 64 ) )) (3072 SHA( 1 SaltLen( 20 ) , 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 64 ) ))<br />
 SHA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790">Val#3790</a></td>
 <td><p>Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2521">#2521</a></p>
 <p>Version 10.0.15063</p></td>
 </tr>
 <tr class="odd">
-<td><p><strong>FIPS186-2:<br />
-ALG[ANSIX9.31]:</strong><br />
+<td><p><b>FIPS186-2:<br />
+ALG[ANSIX9.31]:</b><br />
 SIG(ver); 1024 , 1536 , 2048 , 3072 , 4096 , SHS: SHA-1<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3652">Val#3652</a><br />
-<strong>ALG[RSASSA-PKCS1_V1_5]:</strong> SIG(gen) 4096 , SHS: SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3652">Val#3652</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3652">Val#3652</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3652">Val#3652</a><br />
+<b>ALG[RSASSA-PKCS1_V1_5]:</b> SIG(gen) 4096 , SHS: SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3652">Val#3652</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3652">Val#3652</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3652">Val#3652</a><br />
 SIG(ver): 1024 , 1536 , 2048 , 3072 , 4096 , SHS: SHA-1<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3652">Val#3652</a>, SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3652">Val#3652</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3652">Val#3652</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3652">Val#3652</a></p>
-<p><strong>FIPS186-4:<br />
-ALG[ANSIX9.31]</strong> Sig(Gen): (2048 SHA( 1 )) (3072 SHA( 1 ))<strong><br />
-<em>SIG(gen) with SHA-1 affirmed for use with protocols only.</em></strong> Sig(Ver): (1024 SHA( 1 )) (2048 SHA( 1 )) (3072 SHA( 1 ))<br />
-<strong>ALG[RSASSA-PKCS1_V1_5]</strong> SIG(gen) (2048 SHA( 1 , 256 , 384 , 512 )) (3072 SHA( 1 , 256 , 384 , 512 )) <strong><em>SIG(gen) with SHA-1 affirmed for use with protocols only.</em><br />
-</strong> SIG(Ver) (1024 SHA( 1 , 256 , 384 , 512 )) (2048 SHA( 1 , 256 , 384 , 512 )) (3072 SHA( 1 , 256 , 384 , 512 ))<br />
+<p><b>FIPS186-4:<br />
+ALG[ANSIX9.31]</b> Sig(Gen): (2048 SHA( 1 )) (3072 SHA( 1 ))<b><br />
+<em>SIG(gen) with SHA-1 affirmed for use with protocols only.</em></b> Sig(Ver): (1024 SHA( 1 )) (2048 SHA( 1 )) (3072 SHA( 1 ))<br />
+<b>ALG[RSASSA-PKCS1_V1_5]</b> SIG(gen) (2048 SHA( 1 , 256 , 384 , 512 )) (3072 SHA( 1 , 256 , 384 , 512 )) <b><em>SIG(gen) with SHA-1 affirmed for use with protocols only.</em><br />
+</b> SIG(Ver) (1024 SHA( 1 , 256 , 384 , 512 )) (2048 SHA( 1 , 256 , 384 , 512 )) (3072 SHA( 1 , 256 , 384 , 512 ))<br />
 SHA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3652">Val#3652</a></p></td>
 <td><p>Windows Embedded Compact Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2415">#2415</a></p>
 <p>Version 7.00.2872</p></td>
 </tr>
 <tr class="even">
-<td><p><strong>FIPS186-2:<br />
-ALG[ANSIX9.31]:</strong><br />
+<td><p><b>FIPS186-2:<br />
+ALG[ANSIX9.31]:</b><br />
 SIG(ver); 1024 , 1536 , 2048 , 3072 , 4096 , SHS: SHA-1<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3651">Val#3651</a><br />
-<strong>ALG[RSASSA-PKCS1_V1_5]:</strong> SIG(gen) 4096 , SHS: SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3651">Val#3651</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3651">Val#3651</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3651">Val#3651</a><br />
+<b>ALG[RSASSA-PKCS1_V1_5]:</b> SIG(gen) 4096 , SHS: SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3651">Val#3651</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3651">Val#3651</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3651">Val#3651</a><br />
 SIG(ver): 1024 , 1536 , 2048 , 3072 , 4096 , SHS: SHA-1<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3651">Val#3651</a>, SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3651">Val#3651</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3651">Val#3651</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3651">Val#3651</a></p>
-<p><strong>FIPS186-4:<br />
-ALG[ANSIX9.31]</strong> Sig(Gen): (2048 SHA( 1 )) (3072 SHA( 1 ))<strong><br />
-<em>SIG(gen) with SHA-1 affirmed for use with protocols only.</em></strong> Sig(Ver): (1024 SHA( 1 )) (2048 SHA( 1 )) (3072 SHA( 1 ))<br />
-<strong>ALG[RSASSA-PKCS1_V1_5]</strong> SIG(gen) (2048 SHA( 1 , 256 , 384 , 512 )) (3072 SHA( 1 , 256 , 384 , 512 )) <strong><em>SIG(gen) with SHA-1 affirmed for use with protocols only.</em><br />
-</strong> SIG(Ver) (1024 SHA( 1 , 256 , 384 , 512 )) (2048 SHA( 1 , 256 , 384 , 512 )) (3072 SHA( 1 , 256 , 384 , 512 ))<br />
+<p><b>FIPS186-4:<br />
+ALG[ANSIX9.31]</b> Sig(Gen): (2048 SHA( 1 )) (3072 SHA( 1 ))<b><br />
+<em>SIG(gen) with SHA-1 affirmed for use with protocols only.</em></b> Sig(Ver): (1024 SHA( 1 )) (2048 SHA( 1 )) (3072 SHA( 1 ))<br />
+<b>ALG[RSASSA-PKCS1_V1_5]</b> SIG(gen) (2048 SHA( 1 , 256 , 384 , 512 )) (3072 SHA( 1 , 256 , 384 , 512 )) <b><em>SIG(gen) with SHA-1 affirmed for use with protocols only.</em><br />
+</b> SIG(Ver) (1024 SHA( 1 , 256 , 384 , 512 )) (2048 SHA( 1 , 256 , 384 , 512 )) (3072 SHA( 1 , 256 , 384 , 512 ))<br />
 SHA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3651">Val#3651</a></p></td>
 <td><p>Windows Embedded Compact Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2414">#2414</a></p>
 <p>Version 8.00.6246</p></td>
 </tr>
 <tr class="odd">
-<td><p><strong>FIPS186-2:<br />
-ALG[RSASSA-PKCS1_V1_5]:</strong> SIG(gen) 4096 , SHS: SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3649">Val# 3649</a> , SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3649">Val# 3649</a> , SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3649">Val# 3649</a><br />
+<td><p><b>FIPS186-2:<br />
+ALG[RSASSA-PKCS1_V1_5]:</b> SIG(gen) 4096 , SHS: SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3649">Val# 3649</a> , SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3649">Val# 3649</a> , SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3649">Val# 3649</a><br />
 SIG(ver): 1024 , 1536 , 2048 , 3072 , 4096 , SHS: SHA-1<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3649">Val# 3649</a> , SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3649">Val# 3649</a> , SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3649">Val# 3649</a> , SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3649">Val# 3649</a></p>
-<p><strong>FIPS186-4:<br />
-186-4KEY(gen):</strong> FIPS186-4_Fixed_e (10001) ;<br />
-<strong>PGM(ProbRandom:</strong> ( 2048 , 3072 ) <strong>PPTT:</strong>( C.2 )<br />
-<strong>ALG[RSASSA-PKCS1_V1_5]</strong> SIG(gen) (2048 SHA( 1 , 256 , 384 , 512 )) (3072 SHA( 1 , 256 , 384 , 512 )) <strong><em>SIG(gen) with SHA-1 affirmed for use with protocols only.</em><br />
-</strong> SIG(Ver) (1024 SHA( 1 , 256 , 384 , 512 )) (2048 SHA( 1 , 256 , 384 , 512 )) (3072 SHA( 1 , 256 , 384 , 512 ))<br />
+<p><b>FIPS186-4:<br />
+186-4KEY(gen):</b> FIPS186-4_Fixed_e (10001) ;<br />
+<b>PGM(ProbRandom:</b> ( 2048 , 3072 ) <b>PPTT:</b>( C.2 )<br />
+<b>ALG[RSASSA-PKCS1_V1_5]</b> SIG(gen) (2048 SHA( 1 , 256 , 384 , 512 )) (3072 SHA( 1 , 256 , 384 , 512 )) <b><em>SIG(gen) with SHA-1 affirmed for use with protocols only.</em><br />
+</b> SIG(Ver) (1024 SHA( 1 , 256 , 384 , 512 )) (2048 SHA( 1 , 256 , 384 , 512 )) (3072 SHA( 1 , 256 , 384 , 512 ))<br />
 SHA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3649">Val# 3649</a><br />
 DRBG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1430">Val# 1430</a></p></td>
 <td><p>Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2412">#2412</a></p>
 <p>Version 7.00.2872</p></td>
 </tr>
 <tr class="even">
-<td><p><strong>FIPS186-2:<br />
-ALG[RSASSA-PKCS1_V1_5]:</strong> SIG(gen) 4096 , SHS: SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3648">Val#3648</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3648">Val#3648</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3648">Val#3648</a><br />
+<td><p><b>FIPS186-2:<br />
+ALG[RSASSA-PKCS1_V1_5]:</b> SIG(gen) 4096 , SHS: SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3648">Val#3648</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3648">Val#3648</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3648">Val#3648</a><br />
 SIG(ver): 1024 , 1536 , 2048 , 3072 , 4096 , SHS: SHA-1<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3648">Val#3648</a>, SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3648">Val#3648</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3648">Val#3648</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3648">Val#3648</a></p>
-<p><strong>FIPS186-4:<br />
-186-4KEY(gen):</strong> FIPS186-4_Fixed_e (10001) ;<br />
-<strong>PGM(ProbRandom:</strong> ( 2048 , 3072 ) <strong>PPTT:</strong>( C.2 )<br />
-<strong>ALG[RSASSA-PKCS1_V1_5]</strong> SIG(gen) (2048 SHA( 1 , 256 , 384 , 512 )) (3072 SHA( 1 , 256 , 384 , 512 )) <strong><em>SIG(gen) with SHA-1 affirmed for use with protocols only.</em><br />
-</strong> SIG(Ver) (1024 SHA( 1 , 256 , 384 , 512 )) (2048 SHA( 1 , 256 , 384 , 512 )) (3072 SHA( 1 , 256 , 384 , 512 ))<br />
+<p><b>FIPS186-4:<br />
+186-4KEY(gen):</b> FIPS186-4_Fixed_e (10001) ;<br />
+<b>PGM(ProbRandom:</b> ( 2048 , 3072 ) <b>PPTT:</b>( C.2 )<br />
+<b>ALG[RSASSA-PKCS1_V1_5]</b> SIG(gen) (2048 SHA( 1 , 256 , 384 , 512 )) (3072 SHA( 1 , 256 , 384 , 512 )) <b><em>SIG(gen) with SHA-1 affirmed for use with protocols only.</em><br />
+</b> SIG(Ver) (1024 SHA( 1 , 256 , 384 , 512 )) (2048 SHA( 1 , 256 , 384 , 512 )) (3072 SHA( 1 , 256 , 384 , 512 ))<br />
 SHA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3648">Val#3648</a><br />
 DRBG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1429">Val# 1429</a></p></td>
 <td><p>Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2411">#2411</a></p>
 <p>Version 8.00.6246</p></td>
 </tr>
 <tr class="odd">
-<td><p><strong>FIPS186-4:<br />
-ALG[RSASSA-PKCS1_V1_5]</strong> SIG(gen) (2048 SHA( 1 , 256 , 384 )) SIG(gen) with SHA-1 affirmed for use with protocols only.<br />
+<td><p><b>FIPS186-4:<br />
+ALG[RSASSA-PKCS1_V1_5]</b> SIG(gen) (2048 SHA( 1 , 256 , 384 )) SIG(gen) with SHA-1 affirmed for use with protocols only.<br />
 SIG(Ver) (1024 SHA( 1 , 256 , 384 )) (2048 SHA( 1 , 256 , 384 ))<br />
-<strong>[RSASSA-PSS]:</strong> Sig(Gen): (2048 SHA( 1 SaltLen( 20 ) , 256 SaltLen( 32 ) , 384 SaltLen( 48 ) )) SIG(gen) with SHA-1 affirmed for use with protocols only.<br />
+<b>[RSASSA-PSS]:</b> Sig(Gen): (2048 SHA( 1 SaltLen( 20 ) , 256 SaltLen( 32 ) , 384 SaltLen( 48 ) )) SIG(gen) with SHA-1 affirmed for use with protocols only.<br />
 Sig(Ver): (1024 SHA( 1 SaltLen( 20 ) , 256 SaltLen( 32 ) , 384 SaltLen( 48 ) )) (2048 SHA( 1 SaltLen( 20 ) , 256 SaltLen( 32 ) , 384 SaltLen( 48 ) ))</p>
 <p>SHA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347">Val# 3347</a></p></td>
 <td><p>Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4 and Surface Pro 3 w/ Windows 10 Anniversary Update Virtual TPM Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2206">#2206</a></p>
 <p>Version 10.0.14393</p></td>
 </tr>
 <tr class="even">
-<td><p><strong>FIPS186-4:<br />
-186-4KEY(gen):</strong> FIPS186-4_Fixed_e ( 10001 ) ;<br />
-<strong>PGM(ProbPrimeCondition):</strong> 2048 , 3072 PPTT:( C.3 )</p>
+<td><p><b>FIPS186-4:<br />
+186-4KEY(gen):</b> FIPS186-4_Fixed_e ( 10001 ) ;<br />
+<b>PGM(ProbPrimeCondition):</b> 2048 , 3072 PPTT:( C.3 )</p>
 <p>SHA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347">Val# 3347</a> DRBG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1217">Val# 1217</a></p></td>
 <td><p>Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update RSA Key Generation Implementation <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2195">#2195</a></p>
 <p>Version 10.0.14393</p></td>
 </tr>
 <tr class="odd">
-<td><p><strong>FIPS186-4:<br />
-ALG[RSASSA-PKCS1_V1_5]</strong> SIG(Ver) (1024 SHA( 1 , 256 , 384 , 512 )) (2048 SHA( 1 , 256 , 384 , 512 )) (3072 SHA( 1 , 256 , 384 , 512 ))</p>
+<td><p><b>FIPS186-4:<br />
+ALG[RSASSA-PKCS1_V1_5]</b> SIG(Ver) (1024 SHA( 1 , 256 , 384 , 512 )) (2048 SHA( 1 , 256 , 384 , 512 )) (3072 SHA( 1 , 256 , 384 , 512 ))</p>
 <p>SHA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3346">Val#3346</a></p></td>
 <td><p>soft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update RSA32 Algorithm Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2194">#2194</a></p>
 <p>Version 10.0.14393</p></td>
 </tr>
 <tr class="even">
-<td><p><strong>FIPS186-4:<br />
-ALG[RSASSA-PKCS1_V1_5]</strong> SIG(gen) (2048 SHA( 256 , 384 , 512 )) (3072 SHA( 256 , 384 , 512 ))<br />
-<strong>SIG(Ver)</strong> (1024 SHA( 1 , 256 , 384 , 512 )) (2048 SHA( 1 , 256 , 384 , 512 )) (3072 SHA( 1 , 256 , 384 , 512 ))</p>
+<td><p><b>FIPS186-4:<br />
+ALG[RSASSA-PKCS1_V1_5]</b> SIG(gen) (2048 SHA( 256 , 384 , 512 )) (3072 SHA( 256 , 384 , 512 ))<br />
+<b>SIG(Ver)</b> (1024 SHA( 1 , 256 , 384 , 512 )) (2048 SHA( 1 , 256 , 384 , 512 )) (3072 SHA( 1 , 256 , 384 , 512 ))</p>
 <p>SHA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347">Val# 3347</a> DRBG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1217">Val# 1217</a></p></td>
 <td><p>Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update MsBignum Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2193">#2193</a></p>
 <p>Version 10.0.14393</p></td>
 </tr>
 <tr class="odd">
-<td><p><strong>FIPS186-4:<br />
-[RSASSA-PSS]: Sig(Gen):</strong> (2048 SHA( 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 64 ) )) (3072 SHA( 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 64 ) ))</p>
-<p><strong>Sig(Ver):</strong> (1024 SHA( 1 SaltLen( 20 ) , 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 62 ) )) (2048 SHA( 1 SaltLen( 20 ) , 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 64 ) )) (3072 SHA( 1 SaltLen( 20 ) , 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 64 ) ))</p>
+<td><p><b>FIPS186-4:<br />
+[RSASSA-PSS]: Sig(Gen):</b> (2048 SHA( 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 64 ) )) (3072 SHA( 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 64 ) ))</p>
+<p><b>Sig(Ver):</b> (1024 SHA( 1 SaltLen( 20 ) , 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 62 ) )) (2048 SHA( 1 SaltLen( 20 ) , 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 64 ) )) (3072 SHA( 1 SaltLen( 20 ) , 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 64 ) ))</p>
 <p>SHA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347">Val# 3347</a> DRBG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#1217">Val# 1217</a></p></td>
 <td><p>Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update Cryptography Next Generation (CNG) Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#2192">#2192</a></p>
 <p>Version 10.0.14393</p></td>
 </tr>
 <tr class="even">
-<td><p><strong>FIPS186-4:<br />
-186-4KEY(gen)</strong>:  FIPS186-4_Fixed_e ( 10001 ) ;<br />
-<strong>PGM(ProbPrimeCondition</strong>): 2048 , 3072 PPTT:( C.3 )</p>
+<td><p><b>FIPS186-4:<br />
+186-4KEY(gen)</b>:  FIPS186-4_Fixed_e ( 10001 ) ;<br />
+<b>PGM(ProbPrimeCondition</b>): 2048 , 3072 PPTT:( C.3 )</p>
 <p>SHA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3047">Val# 3047</a> DRBG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#955">Val# 955</a></p></td>
 <td><p>Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub 84” and Surface Hub 55” RSA Key Generation Implementation <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1889">#1889</a></p>
 <p>Version 10.0.10586</p></td>
 </tr>
 <tr class="odd">
-<td><p><strong>FIPS186-4:<br />
-ALG[RSASSA-PKCS1_V1_5]</strong> SIG(Ver) (1024 SHA( 1 , 256 , 384 , 512 )) (2048 SHA( 1 , 256 , 384 , 512 )) (3072 SHA( 1 , 256 , 384 , 512 ))</p>
+<td><p><b>FIPS186-4:<br />
+ALG[RSASSA-PKCS1_V1_5]</b> SIG(Ver) (1024 SHA( 1 , 256 , 384 , 512 )) (2048 SHA( 1 , 256 , 384 , 512 )) (3072 SHA( 1 , 256 , 384 , 512 ))</p>
 <p>SHA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3048">Val#3048</a></p></td>
 <td><p>Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub and Surface Hub RSA32 Algorithm Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1871">#1871</a></p>
 <p>Version 10.0.10586</p></td>
 </tr>
 <tr class="even">
-<td><p><strong>FIPS186-4:<br />
-ALG[RSASSA-PKCS1_V1_5]</strong> SIG(gen) (2048 SHA( 256 , 384 , 512 )) (3072 SHA( 256 , 384 , 512 ))<br />
-<strong>SIG(Ver)</strong> (1024 SHA( 1 , 256 , 384 , 512 )) (2048 SHA( 1 , 256 , 384 , 512 )) (3072 SHA( 1 , 256 , 384 , 512 ))</p>
+<td><p><b>FIPS186-4:<br />
+ALG[RSASSA-PKCS1_V1_5]</b> SIG(gen) (2048 SHA( 256 , 384 , 512 )) (3072 SHA( 256 , 384 , 512 ))<br />
+<b>SIG(Ver)</b> (1024 SHA( 1 , 256 , 384 , 512 )) (2048 SHA( 1 , 256 , 384 , 512 )) (3072 SHA( 1 , 256 , 384 , 512 ))</p>
 <p>SHA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3047">Val# 3047</a></p></td>
 <td><p>Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub and Surface Hub MsBignum Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1888">#1888</a></p>
 <p>Version 10.0.10586</p></td>
 </tr>
 <tr class="odd">
-<td><p><strong>FIPS186-4:<br />
-[RSASSA-PSS]: Sig(Gen)</strong>: (2048 SHA( 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 64 ) )) (3072 SHA( 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 64 ) ))<br />
-<strong>Sig(Ver):</strong> (1024 SHA( 1 SaltLen( 20 ) , 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 62 ) )) (2048 SHA( 1 SaltLen( 20 ) , 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 64 ) )) (3072 SHA( 1 SaltLen( 20 ) , 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 64 ) ))</p>
+<td><p><b>FIPS186-4:<br />
+[RSASSA-PSS]: Sig(Gen)</b>: (2048 SHA( 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 64 ) )) (3072 SHA( 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 64 ) ))<br />
+<b>Sig(Ver):</b> (1024 SHA( 1 SaltLen( 20 ) , 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 62 ) )) (2048 SHA( 1 SaltLen( 20 ) , 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 64 ) )) (3072 SHA( 1 SaltLen( 20 ) , 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 64 ) ))</p>
 <p>SHA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3047">Val# 3047</a></p></td>
 <td><p>Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub and Surface Hub Cryptography Next Generation (CNG) Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1887">#1887</a></p>
 <p>Version 10.0.10586</p></td>
 </tr>
 <tr class="even">
-<td><p><strong>FIPS186-4:<br />
-186-4KEY(gen):</strong> FIPS186-4_Fixed_e ( 10001 ) ;<br />
+<td><p><b>FIPS186-4:<br />
+186-4KEY(gen):</b> FIPS186-4_Fixed_e ( 10001 ) ;<br />
 PGM(ProbPrimeCondition): 2048 , 3072 PPTT:( C.3 )</p>
 <p>SHA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2886">Val# 2886</a> DRBG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#868">Val# 868</a></p></td>
 <td><p>Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 RSA Key Generation Implementation <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1798">#1798</a></p>
 <p>Version 10.0.10240</p></td>
 </tr>
 <tr class="odd">
-<td><p><strong>FIPS186-4:<br />
-ALG[RSASSA-PKCS1_V1_5]</strong> SIG(Ver) (1024 SHA( 1 , 256 , 384 , 512 )) (2048 SHA( 1 , 256 , 384 , 512 )) (3072 SHA( 1 , 256 , 384 , 512 ))</p>
+<td><p><b>FIPS186-4:<br />
+ALG[RSASSA-PKCS1_V1_5]</b> SIG(Ver) (1024 SHA( 1 , 256 , 384 , 512 )) (2048 SHA( 1 , 256 , 384 , 512 )) (3072 SHA( 1 , 256 , 384 , 512 ))</p>
 <p>SHA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2871">Val#2871</a></p></td>
 <td><p>Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 RSA32 Algorithm Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1784">#1784</a></p>
 <p>Version 10.0.10240</p></td>
 </tr>
 <tr class="even">
-<td><p><strong>FIPS186-4:<br />
-ALG[RSASSA-PKCS1_V1_5]</strong> SIG(Ver) (1024 SHA( 1 , 256 , 384 , 512 )) (2048 SHA( 1 , 256 , 384 , 512 )) (3072 SHA( 1 , 256 , 384 , 512 ))</p>
+<td><p><b>FIPS186-4:<br />
+ALG[RSASSA-PKCS1_V1_5]</b> SIG(Ver) (1024 SHA( 1 , 256 , 384 , 512 )) (2048 SHA( 1 , 256 , 384 , 512 )) (3072 SHA( 1 , 256 , 384 , 512 ))</p>
 <p>SHA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2871">Val#2871</a></p></td>
 <td><p>Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 MsBignum Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1783">#1783</a></p>
 <p>Version 10.0.10240</p></td>
 </tr>
 <tr class="odd">
-<td><p><strong>FIPS186-4:<br />
-[RSASSA-PSS]:</strong> Sig(Gen): (2048 SHA( 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 64 ) )) (3072 SHA( 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 64 ) ))<br />
+<td><p><b>FIPS186-4:<br />
+[RSASSA-PSS]:</b> Sig(Gen): (2048 SHA( 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 64 ) )) (3072 SHA( 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 64 ) ))<br />
 Sig(Ver): (2048 SHA( 1 SaltLen( 20 ) , 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 64 ) )) (3072 SHA( 1 SaltLen( 20 ) , 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 64 ) ))</p>
 <p>SHA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2886">Val# 2886</a></p></td>
 <td><p>Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 Cryptography Next Generation (CNG) Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1802">#1802</a></p>
 <p>Version 10.0.10240</p></td>
 </tr>
 <tr class="even">
-<td><p><strong>FIPS186-4:<br />
-186-4KEY(gen):</strong> FIPS186-4_Fixed_e ;<br />
-<strong>PGM(ProbPrimeCondition):</strong> 2048 , 3072 PPTT:( C.3 )</p>
+<td><p><b>FIPS186-4:<br />
+186-4KEY(gen):</b> FIPS186-4_Fixed_e ;<br />
+<b>PGM(ProbPrimeCondition):</b> 2048 , 3072 PPTT:( C.3 )</p>
 <p>SHA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2373">Val#2373</a> DRBG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#489">Val# 489</a></p></td>
 <td><p>Microsoft Windows 8.1, Microsoft Windows Server 2012 R2, Microsoft Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry and Microsoft StorSimple 8100 RSA Key Generation Implementation <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1487">#1487</a></p>
 <p>Version 6.3.9600</p></td>
 </tr>
 <tr class="odd">
-<td><p><strong>FIPS186-4:<br />
-ALG[RSASSA-PKCS1_V1_5]</strong> SIG(Ver) (1024 SHA( 1 , 256 , 384 , 512 )) (2048 SHA( 1 , 256 , 384 , 512 )) (3072 SHA( 1 , 256 , 384 , 512 ))</p>
+<td><p><b>FIPS186-4:<br />
+ALG[RSASSA-PKCS1_V1_5]</b> SIG(Ver) (1024 SHA( 1 , 256 , 384 , 512 )) (2048 SHA( 1 , 256 , 384 , 512 )) (3072 SHA( 1 , 256 , 384 , 512 ))</p>
 <p>SHA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2373">Val#2373</a></p></td>
 <td><p>Microsoft Windows 8.1, Microsoft Windows Server 2012 R2, Microsoft Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry RSA32 Algorithm Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1494">#1494</a></p>
 <p>Version 6.3.9600</p></td>
 </tr>
 <tr class="even">
-<td><p><strong>FIPS186-4:<br />
-ALG[RSASSA-PKCS1_V1_5</strong>] SIG(gen) (2048 SHA( 256 , 384 , 512 )) (3072 SHA( 256 , 384 , 512 ))<br />
+<td><p><b>FIPS186-4:<br />
+ALG[RSASSA-PKCS1_V1_5</b>] SIG(gen) (2048 SHA( 256 , 384 , 512 )) (3072 SHA( 256 , 384 , 512 ))<br />
 SIG(Ver) (1024 SHA( 1 , 256 , 384 , 512 )) (2048 SHA( 1 , 256 , 384 , 512 )) (3072 SHA( 1 , 256 , 384 , 512 ))</p>
 <p>SHA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2373">Val#2373</a></p></td>
 <td><p>Microsoft Windows 8.1, Microsoft Windows Server 2012 R2, Microsoft Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry and Microsoft StorSimple 8100 MsBignum Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1493">#1493</a></p>
 <p>Version 6.3.9600</p></td>
 </tr>
 <tr class="odd">
-<td><p><strong>FIPS186-4:<br />
-[RSASSA-PSS]:</strong> Sig(Gen): (2048 SHA( 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 64 ) )) (3072 SHA( 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 64 ) ))<br />
+<td><p><b>FIPS186-4:<br />
+[RSASSA-PSS]:</b> Sig(Gen): (2048 SHA( 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 64 ) )) (3072 SHA( 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 64 ) ))<br />
  Sig(Ver): (1024 SHA( 1 SaltLen( 20 ) , 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 62 ) )) (2048 SHA( 1 SaltLen( 20 ) , 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 64 ) )) (3072 SHA( 1 SaltLen( 20 ) , 256 SaltLen( 32 ) , 384 SaltLen( 48 ) , 512 SaltLen( 64 ) ))</p>
 <p>SHA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2373">Val#2373</a></p></td>
 <td><p>Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry and Microsoft StorSimple 8100 Cryptography Next Generation Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1519">#1519</a></p>
 <p>Version 6.3.9600</p></td>
 </tr>
 <tr class="even">
-<td><p><strong>FIPS186-4:<br />
-ALG[RSASSA-PKCS1_V1_5]</strong> SIG(gen) (2048 SHA( 256 , 384 , 512-256 )) (3072 SHA( 256 , 384 , 512-256 ))<br />
+<td><p><b>FIPS186-4:<br />
+ALG[RSASSA-PKCS1_V1_5]</b> SIG(gen) (2048 SHA( 256 , 384 , 512-256 )) (3072 SHA( 256 , 384 , 512-256 ))<br />
 SIG(Ver) (1024 SHA( 1 , 256 , 384 , 512-256 )) (2048 SHA( 1 , 256 , 384 , 512-256 )) (3072 SHA( 1 , 256 , 384 , 512-256 ))<br />
-<strong>[RSASSA-PSS]:</strong> Sig(Gen): (2048 SHA( 256 , 384 , 512 )) (3072 SHA( 256 , 384 , 512 ))<br />
+<b>[RSASSA-PSS]:</b> Sig(Gen): (2048 SHA( 256 , 384 , 512 )) (3072 SHA( 256 , 384 , 512 ))<br />
 Sig(Ver): (1024 SHA( 1 , 256 , 384 , 512 )) (2048 SHA( 1 , 256 , 384 , 512 )) (3072 SHA( 1 , 256 , 384 , 512 , 512 ))<br />
 SHA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903">#1903</a></p>
 <p>Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/rsahistoricalval.html#1134">Historical RSA List Val#1134</a>.</p></td>
 <td>Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Cryptography Next Generation (CNG) Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1134">#1134</a></td>
 </tr>
 <tr class="odd">
-<td><strong>FIPS186-4:<br />
-186-4KEY(gen):</strong> FIPS186-4_Fixed_e , FIPS186-4_Fixed_e_Value<br />
-<strong>PGM(ProbPrimeCondition):</strong> 2048 , 3072 <strong>PPTT:</strong>( C.3 )<br />
+<td><b>FIPS186-4:<br />
+186-4KEY(gen):</b> FIPS186-4_Fixed_e , FIPS186-4_Fixed_e_Value<br />
+<b>PGM(ProbPrimeCondition):</b> 2048 , 3072 <b>PPTT:</b>( C.3 )<br />
 SHA <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903">#1903</a> DRBG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#258">#258</a></td>
 <td>Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 RSA Key Generation Implementation <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1133">#1133</a></td>
 </tr>
 <tr class="even">
-<td><strong>FIPS186-2:<br />
-ALG[ANSIX9.31]:</strong> Key(gen)(MOD: 2048 , 3072 , 4096 PubKey Values: 65537 DRBG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#258">#258</a><br />
-<strong>ALG[RSASSA-PKCS1_V1_5]:</strong> SIG(gen) 2048 , 3072 , 4096 , SHS: SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1902">#1902</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1902">#1902</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1902">#1902</a>,<br />
+<td><b>FIPS186-2:<br />
+ALG[ANSIX9.31]:</b> Key(gen)(MOD: 2048 , 3072 , 4096 PubKey Values: 65537 DRBG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#258">#258</a><br />
+<b>ALG[RSASSA-PKCS1_V1_5]:</b> SIG(gen) 2048 , 3072 , 4096 , SHS: SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1902">#1902</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1902">#1902</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1902">#1902</a>,<br />
 SIG(ver): 1024 , 1536 , 2048 , 3072 , 4096 , SHS: SHA-1<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1902">#1902</a>, SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1902">#1902</a>, SHA-<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1902">#1902</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1902">#1902</a>,<br />
 Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/rsahistoricalval.html#1132">Historical RSA List Val#1132</a>.</td>
 <td>Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1132">#1132</a></td>
 </tr>
 <tr class="odd">
-<td><strong>FIPS186-2:<br />
-ALG[ANSIX9.31]:</strong><br />
+<td><b>FIPS186-2:<br />
+ALG[ANSIX9.31]:</b><br />
 SIG(ver); 1024 , 1536 , 2048 , 3072 , 4096 , SHS: SHA-1<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1774">Val#1774</a><br />
-<strong>ALG[RSASSA-PKCS1_V1_5]:</strong> SIG(gen) 2048 , 3072 , 4096 , SHS: SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1774">Val#1774</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1774">Val#1774</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1774">Val#1774</a>,<br />
+<b>ALG[RSASSA-PKCS1_V1_5]:</b> SIG(gen) 2048 , 3072 , 4096 , SHS: SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1774">Val#1774</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1774">Val#1774</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1774">Val#1774</a>,<br />
 SIG(ver): 1024 , 1536 , 2048 , 3072 , 4096 , SHS: SHA-1<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1774">Val#1774</a>, SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1774">Val#1774</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1774">Val#1774</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1774">Val#1774</a>,<br />
 Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/rsahistoricalval.html#1052">Historical RSA List Val#1052</a>.</td>
 <td>Windows Embedded Compact 7 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1052">#1052</a></td>
 </tr>
 <tr class="even">
-<td><strong>FIPS186-2:<br />
-ALG[ANSIX9.31]:</strong> Key(gen)(MOD: 2048 , 3072 , 4096 PubKey Values: 65537 DRBG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#193">Val# 193</a><br />
-<strong>ALG[RSASSA-PKCS1_V1_5]:</strong> SIG(gen) 2048 , 3072 , 4096 , SHS: SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1773">Val#1773</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1773">Val#1773</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1773">Val#1773</a>,<br />
+<td><b>FIPS186-2:<br />
+ALG[ANSIX9.31]:</b> Key(gen)(MOD: 2048 , 3072 , 4096 PubKey Values: 65537 DRBG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#193">Val# 193</a><br />
+<b>ALG[RSASSA-PKCS1_V1_5]:</b> SIG(gen) 2048 , 3072 , 4096 , SHS: SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1773">Val#1773</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1773">Val#1773</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1773">Val#1773</a>,<br />
 SIG(ver): 1024 , 1536 , 2048 , 3072 , 4096 , SHS: SHA-1<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1773">Val#1773</a>, SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1773">Val#1773</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1773">Val#1773</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1773">Val#1773</a>,<br />
 Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/rsahistoricalval.html#1051">Historical RSA List Val#1051</a>.</td>
 <td>Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#1051">#1051</a></td>
 </tr>
 <tr class="odd">
-<td><strong>FIPS186-2:<br />
-ALG[RSASSA-PKCS1_V1_5]:</strong> SIG(gen) 2048 , 3072 , 4096 , SHS: SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a>,<br />
+<td><b>FIPS186-2:<br />
+ALG[RSASSA-PKCS1_V1_5]:</b> SIG(gen) 2048 , 3072 , 4096 , SHS: SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a>,<br />
 SIG(ver): 1024 , 1536 , 2048 , 3072 , 4096 , SHS: SHA-1<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a>, SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a>,<br />
 Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/rsahistoricalval.html#568">Historical RSA List Val#568</a>.</td>
 <td>Windows Server 2008 R2 and SP1 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#568">#568</a></td>
 </tr>
 <tr class="even">
-<td><strong>FIPS186-2:<br />
-ALG[RSASSA-PKCS1_V1_5]:</strong> SIG(gen) 2048 , 3072 , 4096 , SHS: SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a>,<br />
+<td><b>FIPS186-2:<br />
+ALG[RSASSA-PKCS1_V1_5]:</b> SIG(gen) 2048 , 3072 , 4096 , SHS: SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a>,<br />
 SIG(ver): 1024 , 1536 , 2048 , 3072 , 4096 , SHS: SHA-1<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a>, SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a>,<br />
-<strong>ALG[RSASSA-PSS]:</strong> SIG(gen); 2048 , 3072 , 4096 , SHS: SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a><br />
+<b>ALG[RSASSA-PSS]:</b> SIG(gen); 2048 , 3072 , 4096 , SHS: SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a><br />
 SIG(ver); 1024 , 1536 , 2048 , 3072 , 4096 , SHS: SHA-1<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a>, SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a><br />
 Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/rsahistoricalval.html#567">Historical RSA List Val#567</a>. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/rsahistoricalval.html#560">Historical RSA List Val#560</a>.</td>
 <td><p>Windows Server 2008 R2 and SP1 CNG algorithms <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#567">#567</a></p>
 <p>Windows 7 and SP1 CNG algorithms <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#560">#560</a></p></td>
 </tr>
 <tr class="odd">
-<td><strong>FIPS186-2:<br />
-ALG[ANSIX9.31]:</strong> Key(gen)(MOD: 2048 , 3072 , 4096 PubKey Values: 65537 DRBG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#23">Val# 23</a><br />
+<td><b>FIPS186-2:<br />
+ALG[ANSIX9.31]:</b> Key(gen)(MOD: 2048 , 3072 , 4096 PubKey Values: 65537 DRBG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/drbg#23">Val# 23</a><br />
 Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/rsahistoricalval.html#559">Historical RSA List Val#559</a>.</td>
 <td>Windows 7 and SP1 and Server 2008 R2 and SP1 RSA Key Generation Implementation <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#559">#559</a></td>
 </tr>
 <tr class="even">
-<td><strong>FIPS186-2:<br />
-ALG[RSASSA-PKCS1_V1_5]:</strong> SIG(gen) 2048 , 3072 , 4096 , SHS: SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a>,<br />
+<td><b>FIPS186-2:<br />
+ALG[RSASSA-PKCS1_V1_5]:</b> SIG(gen) 2048 , 3072 , 4096 , SHS: SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a>,<br />
 SIG(ver): 1024 , 1536 , 2048 , 3072 , 4096 , SHS: SHA-1<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a>, SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">Val#1081</a>,<br />
 Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/rsahistoricalval.html#557">Historical RSA List Val#557</a>.</td>
 <td>Windows 7 and SP1 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#557">#557</a></td>
 </tr>
 <tr class="odd">
-<td><strong>FIPS186-2:<br />
+<td><b>FIPS186-2:<br />
 ALG[ANSIX9.31]:<br />
-ALG[RSASSA-PKCS1_V1_5]:</strong> SIG(gen) 2048 , 3072 , 4096 , SHS: SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#816">Val#816</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#816">Val#816</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#816">Val#816</a>,<br />
+ALG[RSASSA-PKCS1_V1_5]:</b> SIG(gen) 2048 , 3072 , 4096 , SHS: SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#816">Val#816</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#816">Val#816</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#816">Val#816</a>,<br />
 SIG(ver): 1024 , 1536 , 2048 , 3072 , 4096 , SHS: SHA-1<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#816">Val#816</a>, SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#816">Val#816</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#816">Val#816</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#816">Val#816</a>,<br />
 Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/rsahistoricalval.html#395">Historical RSA List Val#395</a>.</td>
 <td>Windows Server 2003 SP2 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#395">#395</a></td>
 </tr>
 <tr class="even">
-<td><strong>FIPS186-2:<br />
-ALG[ANSIX9.31]:</strong><br />
+<td><b>FIPS186-2:<br />
+ALG[ANSIX9.31]:</b><br />
 SIG(ver); 1024 , 1536 , 2048 , 3072 , 4096 , SHS: SHA-1<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#783">Val#783</a><br />
-<strong>ALG[RSASSA-PKCS1_V1_5]:</strong> SIG(gen) 2048 , 3072 , 4096 , SHS: SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#783">Val#783</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#783">Val#783</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#783">Val#783</a>,<br />
+<b>ALG[RSASSA-PKCS1_V1_5]:</b> SIG(gen) 2048 , 3072 , 4096 , SHS: SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#783">Val#783</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#783">Val#783</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#783">Val#783</a>,<br />
 Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/rsahistoricalval.html#371">Historical RSA List Val#371</a>.</td>
 <td>Windows XP Professional SP3 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#371">#371</a></td>
 </tr>
 <tr class="odd">
-<td><strong>FIPS186-2:<br />
-ALG[RSASSA-PKCS1_V1_5]:</strong> SIG(gen) 2048 , 3072 , 4096 , SHS: SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a>,<br />
+<td><b>FIPS186-2:<br />
+ALG[RSASSA-PKCS1_V1_5]:</b> SIG(gen) 2048 , 3072 , 4096 , SHS: SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a>,<br />
 SIG(ver): 1024 , 1536 , 2048 , 3072 , 4096 , SHS: SHA-1<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a>, SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a>,<br />
-<strong>ALG[RSASSA-PSS]:</strong> SIG(gen); 2048 , 3072 , 4096 , SHS: SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a><br />
+<b>ALG[RSASSA-PSS]:</b> SIG(gen); 2048 , 3072 , 4096 , SHS: SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a><br />
 SIG(ver); 1024 , 1536 , 2048 , 3072 , 4096 , SHS: SHA-1<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a>, SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a><br />
 Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/rsahistoricalval.html#358">Historical RSA List Val#358</a>. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/rsahistoricalval.html#357">Historical RSA List Val#357</a>.</td>
 <td><p>Windows Server 2008 CNG algorithms <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#358">#358</a></p>
 <p>Windows Vista SP1 CNG algorithms <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#357">#357</a></p></td>
 </tr>
 <tr class="even">
-<td><strong>FIPS186-2:<br />
-ALG[ANSIX9.31]:</strong><br />
+<td><b>FIPS186-2:<br />
+ALG[ANSIX9.31]:</b><br />
 SIG(ver); 1024 , 1536 , 2048 , 3072 , 4096 , SHS: SHA-1<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a><br />
-<strong>ALG[RSASSA-PKCS1_V1_5]:</strong> SIG(gen) 2048 , 3072 , 4096 , SHS: SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a>,<br />
+<b>ALG[RSASSA-PKCS1_V1_5]:</b> SIG(gen) 2048 , 3072 , 4096 , SHS: SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a>,<br />
 SIG(ver): 1024 , 1536 , 2048 , 3072 , 4096 , SHS: SHA-1<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a>, SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">Val#753</a>,<br />
 Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/rsahistoricalval.html#355">Historical RSA List Val#355</a>. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/rsahistoricalval.html#354">Historical RSA List Val#354</a>.</td>
 <td><p>Windows Server 2008 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#355">#355</a></p>
 <p>Windows Vista SP1 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#354">#354</a></p></td>
 </tr>
 <tr class="odd">
-<td><strong>FIPS186-2:<br />
-ALG[ANSIX9.31]:</strong> Key(gen)(MOD: 2048 , 3072 , 4096 PubKey Values: 65537<br />
+<td><b>FIPS186-2:<br />
+ALG[ANSIX9.31]:</b> Key(gen)(MOD: 2048 , 3072 , 4096 PubKey Values: 65537<br />
 Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/rsahistoricalval.html#353">Historical RSA List Val#353</a>.</td>
 <td>Windows Vista SP1 and Windows Server 2008 RSA Key Generation Implementation <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#353">#353</a></td>
 </tr>
 <tr class="even">
-<td><strong>FIPS186-2:<br />
-ALG[ANSIX9.31]:</strong> Key(gen)(MOD: 2048 , 3072 , 4096 PubKey Values: 65537 RNG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rng#321">Val# 321</a><br />
+<td><b>FIPS186-2:<br />
+ALG[ANSIX9.31]:</b> Key(gen)(MOD: 2048 , 3072 , 4096 PubKey Values: 65537 RNG: <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rng#321">Val# 321</a><br />
 Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/rsahistoricalval.html#258">Historical RSA List Val#258</a>.</td>
 <td>Windows Vista RSA key generation implementation <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#258">#258</a></td>
 </tr>
 <tr class="odd">
-<td><strong>FIPS186-2:<br />
-ALG[RSASSA-PKCS1_V1_5]:</strong> SIG(gen) 2048 , 3072 , 4096 , SHS: SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a>,<br />
+<td><b>FIPS186-2:<br />
+ALG[RSASSA-PKCS1_V1_5]:</b> SIG(gen) 2048 , 3072 , 4096 , SHS: SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a>,<br />
 SIG(ver): 1024 , 1536 , 2048 , 3072 , 4096 , SHS: SHA-1<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a>, SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a>,<br />
-<strong>ALG[RSASSA-PSS]:</strong> SIG(gen); 2048 , 3072 , 4096 , SHS: SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a><br />
+<b>ALG[RSASSA-PSS]:</b> SIG(gen); 2048 , 3072 , 4096 , SHS: SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a><br />
 SIG(ver); 1024 , 1536 , 2048 , 3072 , 4096 , SHS: SHA-1<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a>, SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a><br />
 Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/rsahistoricalval.html#257">Historical RSA List Val#257</a>.</td>
 <td>Windows Vista CNG algorithms <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#257">#257</a></td>
 </tr>
 <tr class="even">
-<td><strong>FIPS186-2:<br />
-ALG[RSASSA-PKCS1_V1_5]:</strong> SIG(gen) 2048 , 3072 , 4096 , SHS: SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a>,<br />
+<td><b>FIPS186-2:<br />
+ALG[RSASSA-PKCS1_V1_5]:</b> SIG(gen) 2048 , 3072 , 4096 , SHS: SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a>,<br />
 SIG(ver): 1024 , 1536 , 2048 , 3072 , 4096 , SHS: SHA-1<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a>, SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">Val#618</a>,<br />
 Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/rsahistoricalval.html#255">Historical RSA List Val#255</a>.</td>
 <td>Windows Vista Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#255">#255</a></td>
 </tr>
 <tr class="odd">
-<td><strong>FIPS186-2:<br />
-ALG[ANSIX9.31]:</strong><br />
+<td><b>FIPS186-2:<br />
+ALG[ANSIX9.31]:</b><br />
 SIG(ver); 1024 , 1536 , 2048 , 3072 , 4096 , SHS: SHA-1<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#613">Val#613</a><br />
-<strong>ALG[RSASSA-PKCS1_V1_5]:</strong> SIG(gen) 2048 , 3072 , 4096 , SHS: SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#613">Val#613</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#613">Val#613</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#613">Val#613</a>,<br />
+<b>ALG[RSASSA-PKCS1_V1_5]:</b> SIG(gen) 2048 , 3072 , 4096 , SHS: SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#613">Val#613</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#613">Val#613</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#613">Val#613</a>,<br />
 SIG(ver): 1024 , 1536 , 2048 , 3072 , 4096 , SHS: SHA-1<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#613">Val#613</a>, SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#613">Val#613</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#613">Val#613</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#613">Val#613</a>,<br />
 Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/rsahistoricalval.html#245">Historical RSA List Val#245</a>.</td>
 <td>Windows Server 2003 SP2 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#245">#245</a></td>
 </tr>
 <tr class="even">
-<td><strong>FIPS186-2:<br />
-ALG[ANSIX9.31]:</strong><br />
+<td><b>FIPS186-2:<br />
+ALG[ANSIX9.31]:</b><br />
 SIG(ver); 1024 , 1536 , 2048 , 3072 , 4096 , SHS: SHA-1<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#589">Val#589</a><br />
-<strong>ALG[RSASSA-PKCS1_V1_5]:</strong> SIG(gen) 2048 , 3072 , 4096 , SHS: SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#589">Val#589</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#589">Val#589</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#589">Val#589</a>,<br />
+<b>ALG[RSASSA-PKCS1_V1_5]:</b> SIG(gen) 2048 , 3072 , 4096 , SHS: SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#589">Val#589</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#589">Val#589</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#589">Val#589</a>,<br />
 SIG(ver): 1024 , 1536 , 2048 , 3072 , 4096 , SHS: SHA-1<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#589">Val#589</a>, SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#589">Val#589</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#589">Val#589</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#589">Val#589</a>,<br />
 Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/rsahistoricalval.html#230">Historical RSA List Val#230</a>.</td>
 <td>Windows CE 6.0 and Windows CE 6.0 R2 and Windows Mobile Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#230">#230</a></td>
 </tr>
 <tr class="odd">
-<td><strong>FIPS186-2:<br />
-ALG[ANSIX9.31]:</strong><br />
+<td><b>FIPS186-2:<br />
+ALG[ANSIX9.31]:</b><br />
 SIG(ver); 1024 , 1536 , 2048 , 3072 , 4096 , SHS: SHA-1<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#578">Val#578</a><br />
-<strong>ALG[RSASSA-PKCS1_V1_5]:</strong> SIG(gen) 2048 , 3072 , 4096 , SHS: SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#578">Val#578</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#578">Val#578</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#578">Val#578</a>,<br />
+<b>ALG[RSASSA-PKCS1_V1_5]:</b> SIG(gen) 2048 , 3072 , 4096 , SHS: SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#578">Val#578</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#578">Val#578</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#578">Val#578</a>,<br />
 SIG(ver): 1024 , 1536 , 2048 , 3072 , 4096 , SHS: SHA-1<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#578">Val#578</a>, SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#578">Val#578</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#578">Val#578</a>, SHA-512<a href="http://csrc.nist.gov/groups/stm/cavp/documents/shs/shaval.htm#578">Val#578</a>,<br />
 Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/rsahistoricalval.html#222">Historical RSA List Val#222</a>.</td>
 <td>Windows CE and Windows Mobile 6 and Windows Mobile 6.1 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#222">#222</a></td>
 </tr>
 <tr class="even">
-<td><strong>FIPS186-2:<br />
-ALG[RSASSA-PKCS1_V1_5]:</strong><br />
+<td><b>FIPS186-2:<br />
+ALG[RSASSA-PKCS1_V1_5]:</b><br />
 SIG(ver): 1024 , 1536 , 2048 , 3072 , 4096 , SHS: SHA-1<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#364">Val#364</a><br />
 Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/rsahistoricalval.html#81">Historical RSA List Val#81</a>.</td>
 <td>Windows Server 2003 SP1 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#81">#81</a></td>
 </tr>
 <tr class="odd">
-<td><strong>FIPS186-2:<br />
-ALG[ANSIX9.31]:</strong><br />
+<td><b>FIPS186-2:<br />
+ALG[ANSIX9.31]:</b><br />
 SIG(ver); 1024 , 1536 , 2048 , 3072 , 4096 , SHS: SHA-1<a href="http://csrc.nist.gov/groups/stm/cavp/documents/shs/shaval.htm#305">Val#305</a><br />
-<strong>ALG[RSASSA-PKCS1_V1_5]:</strong> SIG(gen) 2048 , 3072 , 4096 , SHS: SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#305">Val#305</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#305">Val#305</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#305">Val#305</a>,<br />
+<b>ALG[RSASSA-PKCS1_V1_5]:</b> SIG(gen) 2048 , 3072 , 4096 , SHS: SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#305">Val#305</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#305">Val#305</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#305">Val#305</a>,<br />
 SIG(ver): 1024 , 1536 , 2048 , 3072 , 4096 , SHS: SHA-1<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#305">Val#305</a>, SHA-256<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#305">Val#305</a>, SHA-384<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#305">Val#305</a>, SHA-512<a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#305">Val#305</a>,<br />
 Some of the previously validated components for this validation have been removed because they are now non-compliant per the SP800-131A transition. See <a href="http://csrc.nist.gov/groups/stm/cavp/documents/dss/rsahistoricalval.html#52">Historical RSA List Val#52</a>.</td>
 <td>Windows CE 5.00 and Windows CE 5.01 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/rsa#52">#52</a></td>
 </tr>
 <tr class="even">
-<td><p><strong>FIPS186-2:</strong></p>
+<td><p><b>FIPS186-2:</b></p>
 <p>– PKCS#1 v1.5, signature generation and verification</p>
 <p>– Mod sizes: 1024, 1536, 2048, 3072, 4096</p>
 <p>– SHS: SHA–1/256/384/512</p></td>
@@ -6143,8 +6143,8 @@ Some of the previously validated components for this validation have been remove
 </colgroup>
 <tbody>
 <tr class="odd">
-<td><strong>Modes / States / Key Sizes</strong></td>
-<td><strong>Algorithm Implementation and Certificate #</strong></td>
+<td><b>Modes / States / Key Sizes</b></td>
+<td><b>Algorithm Implementation and Certificate #</b></td>
 </tr>
 <tr class="even">
 <td><ul>
@@ -6213,170 +6213,170 @@ Some of the previously validated components for this validation have been remove
 <p>Version 10.0.16299</p></td>
 </tr>
 <tr class="odd">
-<td><strong>SHA-1</strong>      (BYTE-only)<br />
-<strong>SHA-256</strong>  (BYTE-only)<br />
-<strong>SHA-384</strong>  (BYTE-only)<br />
-<strong>SHA-512</strong>  (BYTE-only)</td>
+<td><b>SHA-1</b>      (BYTE-only)<br />
+<b>SHA-256</b>  (BYTE-only)<br />
+<b>SHA-384</b>  (BYTE-only)<br />
+<b>SHA-512</b>  (BYTE-only)</td>
 <td><p>Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3790">#3790</a></p>
 <p>Version 10.0.15063</p></td>
 </tr>
 <tr class="even">
-<td><strong>SHA-1</strong>      (BYTE-only)<br />
-<strong>SHA-256</strong>  (BYTE-only)<br />
-<strong>SHA-384</strong>  (BYTE-only)<br />
-<strong>SHA-512</strong>  (BYTE-only)</td>
+<td><b>SHA-1</b>      (BYTE-only)<br />
+<b>SHA-256</b>  (BYTE-only)<br />
+<b>SHA-384</b>  (BYTE-only)<br />
+<b>SHA-512</b>  (BYTE-only)</td>
 <td><p>Windows Embedded Compact Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3652">#3652</a></p>
 <p>Version 7.00.2872</p></td>
 </tr>
 <tr class="odd">
-<td><strong>SHA-1</strong>      (BYTE-only)<br />
-<strong>SHA-256</strong>  (BYTE-only)<br />
-<strong>SHA-384</strong>  (BYTE-only)<br />
-<strong>SHA-512</strong>  (BYTE-only)</td>
+<td><b>SHA-1</b>      (BYTE-only)<br />
+<b>SHA-256</b>  (BYTE-only)<br />
+<b>SHA-384</b>  (BYTE-only)<br />
+<b>SHA-512</b>  (BYTE-only)</td>
 <td><p>Windows Embedded Compact Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3651">#3651</a></p>
 <p>Version 8.00.6246</p></td>
 </tr>
 <tr class="even">
-<td><strong>SHA-1</strong>      (BYTE-only)<br />
-<strong>SHA-256</strong>  (BYTE-only)<br />
-<strong>SHA-384</strong>  (BYTE-only)<br />
-<strong>SHA-512</strong>  (BYTE-only)</td>
+<td><b>SHA-1</b>      (BYTE-only)<br />
+<b>SHA-256</b>  (BYTE-only)<br />
+<b>SHA-384</b>  (BYTE-only)<br />
+<b>SHA-512</b>  (BYTE-only)</td>
 <td><p>Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3649">#3649</a></p>
 <p>Version 7.00.2872</p></td>
 </tr>
 <tr class="odd">
-<td><strong>SHA-1</strong>      (BYTE-only)<br />
-<strong>SHA-256</strong>  (BYTE-only)<br />
-<strong>SHA-384</strong>  (BYTE-only)<br />
-<strong>SHA-512</strong>  (BYTE-only)</td>
+<td><b>SHA-1</b>      (BYTE-only)<br />
+<b>SHA-256</b>  (BYTE-only)<br />
+<b>SHA-384</b>  (BYTE-only)<br />
+<b>SHA-512</b>  (BYTE-only)</td>
 <td><p>Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3648">#3648</a></p>
 <p>Version 8.00.6246</p></td>
 </tr>
 <tr class="even">
-<td><strong>SHA-1</strong> (BYTE-only)<br />
-<strong>SHA-256</strong> (BYTE-only)<br />
-<strong>SHA-384</strong> (BYTE-only)<br />
-<strong>SHA-512</strong> (BYTE-only)</td>
+<td><b>SHA-1</b> (BYTE-only)<br />
+<b>SHA-256</b> (BYTE-only)<br />
+<b>SHA-384</b> (BYTE-only)<br />
+<b>SHA-512</b> (BYTE-only)</td>
 <td>Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3347">#3347</a><br />
 Version 10.0.14393</td>
 </tr>
 <tr class="odd">
-<td><strong>SHA-1</strong> (BYTE-only)<br />
-<strong>SHA-256</strong> (BYTE-only)<br />
-<strong>SHA-384</strong> (BYTE-only)<br />
-<strong>SHA-512</strong> (BYTE-only)</td>
+<td><b>SHA-1</b> (BYTE-only)<br />
+<b>SHA-256</b> (BYTE-only)<br />
+<b>SHA-384</b> (BYTE-only)<br />
+<b>SHA-512</b> (BYTE-only)</td>
 <td>Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update RSA32 Algorithm Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3346">#3346</a><br />
 Version 10.0.14393</td>
 </tr>
 <tr class="even">
-<td><strong>SHA-1</strong> (BYTE-only)<br />
-<strong>SHA-256</strong> (BYTE-only)<br />
-<strong>SHA-384</strong> (BYTE-only)<br />
-<strong>SHA-512</strong> (BYTE-only)</td>
+<td><b>SHA-1</b> (BYTE-only)<br />
+<b>SHA-256</b> (BYTE-only)<br />
+<b>SHA-384</b> (BYTE-only)<br />
+<b>SHA-512</b> (BYTE-only)</td>
 <td>Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub and Surface Hub RSA32 Algorithm Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3048">#3048</a><br />
 Version 10.0.10586</td>
 </tr>
 <tr class="odd">
-<td><strong>SHA-1</strong> (BYTE-only)<br />
-<strong>SHA-256</strong> (BYTE-only)<br />
-<strong>SHA-384</strong> (BYTE-only)<br />
-<strong>SHA-512</strong> (BYTE-only)</td>
+<td><b>SHA-1</b> (BYTE-only)<br />
+<b>SHA-256</b> (BYTE-only)<br />
+<b>SHA-384</b> (BYTE-only)<br />
+<b>SHA-512</b> (BYTE-only)</td>
 <td>Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub and Surface Hub SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#3047">#3047</a><br />
 Version 10.0.10586</td>
 </tr>
 <tr class="even">
-<td><strong>SHA-1</strong> (BYTE-only)<br />
-<strong>SHA-256</strong> (BYTE-only)<br />
-<strong>SHA-384</strong> (BYTE-only)<br />
-<strong>SHA-512</strong> (BYTE-only)</td>
+<td><b>SHA-1</b> (BYTE-only)<br />
+<b>SHA-256</b> (BYTE-only)<br />
+<b>SHA-384</b> (BYTE-only)<br />
+<b>SHA-512</b> (BYTE-only)</td>
 <td>Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2886">#2886</a><br />
 Version 10.0.10240</td>
 </tr>
 <tr class="odd">
-<td><strong>SHA-1</strong> (BYTE-only)<br />
-<strong>SHA-256</strong> (BYTE-only)<br />
-<strong>SHA-384</strong> (BYTE-only)<br />
-<strong>SHA-512</strong> (BYTE-only)</td>
+<td><b>SHA-1</b> (BYTE-only)<br />
+<b>SHA-256</b> (BYTE-only)<br />
+<b>SHA-384</b> (BYTE-only)<br />
+<b>SHA-512</b> (BYTE-only)</td>
 <td>Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 RSA32 Algorithm Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2871">#2871</a><br />
 Version 10.0.10240</td>
 </tr>
 <tr class="even">
-<td><strong>SHA-1</strong> (BYTE-only)<br />
-<strong>SHA-256</strong> (BYTE-only)<br />
-<strong>SHA-384</strong> (BYTE-only)<br />
-<strong>SHA-512</strong> (BYTE-only)</td>
+<td><b>SHA-1</b> (BYTE-only)<br />
+<b>SHA-256</b> (BYTE-only)<br />
+<b>SHA-384</b> (BYTE-only)<br />
+<b>SHA-512</b> (BYTE-only)</td>
 <td>Microsoft Windows 8.1, Microsoft Windows Server 2012 R2, Microsoft Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry RSA32 Algorithm Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2396">#2396</a><br />
 Version 6.3.9600</td>
 </tr>
 <tr class="odd">
-<td><strong>SHA-1</strong> (BYTE-only)<br />
-<strong>SHA-256</strong> (BYTE-only)<br />
-<strong>SHA-384</strong> (BYTE-only)<br />
-<strong>SHA-512</strong> (BYTE-only)</td>
+<td><b>SHA-1</b> (BYTE-only)<br />
+<b>SHA-256</b> (BYTE-only)<br />
+<b>SHA-384</b> (BYTE-only)<br />
+<b>SHA-512</b> (BYTE-only)</td>
 <td>Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry and Microsoft StorSimple 8100 SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#2373">#2373</a><br />
 Version 6.3.9600</td>
 </tr>
 <tr class="even">
-<td><p><strong>SHA-1</strong> (BYTE-only)</p>
-<p><strong>SHA-256</strong> (BYTE-only)</p>
-<p><strong>SHA-384</strong> (BYTE-only)</p>
-<p><strong>SHA-512</strong> (BYTE-only)</p>
+<td><p><b>SHA-1</b> (BYTE-only)</p>
+<p><b>SHA-256</b> (BYTE-only)</p>
+<p><b>SHA-384</b> (BYTE-only)</p>
+<p><b>SHA-512</b> (BYTE-only)</p>
 <p><em>Implementation does not support zero-length (null) messages.</em></p></td>
 <td><p>Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Next Generation Symmetric Cryptographic Algorithms Implementations (SYMCRYPT) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1903">#1903</a></p>
 <p>Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Symmetric Algorithm Implementations (RSA32) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1902">#1902</a></p></td>
 </tr>
 <tr class="odd">
-<td><strong>SHA-1</strong> (BYTE-only)<br />
-<strong>SHA-256</strong> (BYTE-only)<br />
-<strong>SHA-384</strong> (BYTE-only)<br />
-<strong>SHA-512</strong> (BYTE-only)</td>
+<td><b>SHA-1</b> (BYTE-only)<br />
+<b>SHA-256</b> (BYTE-only)<br />
+<b>SHA-384</b> (BYTE-only)<br />
+<b>SHA-512</b> (BYTE-only)</td>
 <td><p>Windows Embedded Compact 7 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1774">#1774</a></p>
 <p>Windows Embedded Compact 7 Cryptographic Primitives Library (bcrypt.dll) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1773">#1773</a></p></td>
 </tr>
 <tr class="even">
-<td><strong>SHA-1</strong> (BYTE-only)<br />
-<strong>SHA-256</strong> (BYTE-only)<br />
-<strong>SHA-384</strong> (BYTE-only)<br />
-<strong>SHA-512</strong> (BYTE-only)</td>
+<td><b>SHA-1</b> (BYTE-only)<br />
+<b>SHA-256</b> (BYTE-only)<br />
+<b>SHA-384</b> (BYTE-only)<br />
+<b>SHA-512</b> (BYTE-only)</td>
 <td><p>Windows 7 and SP1 and Windows Server 2008 R2 and SP1 Symmetric Algorithm Implementation <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#1081">#1081</a></p>
 <p>Windows Server 2003 SP2 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#816.">#816</a></p></td>
 </tr>
 <tr class="odd">
-<td><strong>SHA-1</strong> (BYTE-only)</td>
+<td><b>SHA-1</b> (BYTE-only)</td>
 <td><p>Windows XP Professional SP3 Kernel Mode Cryptographic Module (fips.sys) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#785">#785</a></p>
 <p>Windows XP Professional SP3 Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#784">#784</a></p></td>
 </tr>
 <tr class="even">
-<td><strong>SHA-1</strong> (BYTE-only)<br />
-<strong>SHA-256</strong> (BYTE-only)<br />
-<strong>SHA-384</strong> (BYTE-only)<br />
-<strong>SHA-512</strong> (BYTE-only)</td>
+<td><b>SHA-1</b> (BYTE-only)<br />
+<b>SHA-256</b> (BYTE-only)<br />
+<b>SHA-384</b> (BYTE-only)<br />
+<b>SHA-512</b> (BYTE-only)</td>
 <td>Windows XP Professional SP3 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#783">#783</a></td>
 </tr>
 <tr class="odd">
-<td><strong>SHA-1</strong> (BYTE-only)<br />
-<strong>SHA-256</strong> (BYTE-only)<br />
-<strong>SHA-384</strong> (BYTE-only)<br />
-<strong>SHA-512</strong> (BYTE-only)</td>
+<td><b>SHA-1</b> (BYTE-only)<br />
+<b>SHA-256</b> (BYTE-only)<br />
+<b>SHA-384</b> (BYTE-only)<br />
+<b>SHA-512</b> (BYTE-only)</td>
 <td><p>Windows Vista SP1 and Windows Server 2008 Symmetric Algorithm Implementation <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#753">#753</a></p>
 <p>Windows Vista Symmetric Algorithm Implementation <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#618">#618</a></p></td>
 </tr>
 <tr class="even">
-<td><strong>SHA-1</strong> (BYTE-only)<br />
-<strong>SHA-256</strong> (BYTE-only)</td>
+<td><b>SHA-1</b> (BYTE-only)<br />
+<b>SHA-256</b> (BYTE-only)</td>
 <td><p>Windows Vista BitLocker Drive Encryption <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#737">#737</a></p>
 <p>Windows Vista Beta 2 BitLocker Drive Encryption <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#495">#495</a></p></td>
 </tr>
 <tr class="odd">
-<td><strong>SHA-1</strong> (BYTE-only)<br />
-<strong>SHA-256</strong> (BYTE-only)<br />
-<strong>SHA-384</strong> (BYTE-only)<br />
-<strong>SHA-512</strong> (BYTE-only)</td>
+<td><b>SHA-1</b> (BYTE-only)<br />
+<b>SHA-256</b> (BYTE-only)<br />
+<b>SHA-384</b> (BYTE-only)<br />
+<b>SHA-512</b> (BYTE-only)</td>
 <td><p>Windows Server 2003 SP2 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#613">#613</a></p>
 <p>Windows Server 2003 SP1 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#364">#364</a></p></td>
 </tr>
 <tr class="even">
-<td><strong>SHA-1</strong> (BYTE-only)</td>
+<td><b>SHA-1</b> (BYTE-only)</td>
 <td><p>Windows Server 2003 SP2 Enhanced DSS and Diffie-Hellman Cryptographic Provider <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#611">#611</a></p>
 <p>Windows Server 2003 SP2 Kernel Mode Cryptographic Module (fips.sys) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#610">#610</a></p>
 <p>Windows Server 2003 SP1 Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#385">#385</a></p>
@@ -6386,16 +6386,16 @@ Version 6.3.9600</td>
 <p>Windows Server 2003 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#176">#176</a></p></td>
 </tr>
 <tr class="odd">
-<td><strong>SHA-1</strong> (BYTE-only)<br />
-<strong>SHA-256</strong> (BYTE-only)<br />
-<strong>SHA-384</strong> (BYTE-only)<br />
-<strong>SHA-512</strong> (BYTE-only)</td>
+<td><b>SHA-1</b> (BYTE-only)<br />
+<b>SHA-256</b> (BYTE-only)<br />
+<b>SHA-384</b> (BYTE-only)<br />
+<b>SHA-512</b> (BYTE-only)</td>
 <td><p>Windows CE 6.0 and Windows CE 6.0 R2 and Windows Mobile Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#589">#589</a></p>
 <p>Windows CE and Windows Mobile 6 and Windows Mobile 6.5 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#578">#578</a></p>
 <p>Windows CE 5.00 and Windows CE 5.01 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#305">#305</a></p></td>
 </tr>
 <tr class="even">
-<td><strong>SHA-1</strong> (BYTE-only)</td>
+<td><b>SHA-1</b> (BYTE-only)</td>
 <td><p>Windows XP Microsoft Enhanced Cryptographic Provider <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#83">#83</a></p>
 <p>Crypto Driver for Windows 2000 (fips.sys) <a href="http://csrc.nist.gov/groups/stm/cavp/documents/shs/shaval.htmlhttp:/csrc.nist.gov/groups/stm/cavp/documents/shs/shaval.html#35">#35</a></p>
 <p>Windows 2000 Microsoft Outlook Cryptographic Provider (EXCHCSP.DLL) SR-1A (3821) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/shs#32">#32</a></p>
@@ -6417,8 +6417,8 @@ Version 6.3.9600</td>
 </colgroup>
 <tbody>
 <tr class="odd">
-<td><strong>Modes / States / Key Sizes</strong></td>
-<td><strong>Algorithm Implementation and Certificate #</strong></td>
+<td><b>Modes / States / Key Sizes</b></td>
+<td><b>Algorithm Implementation and Certificate #</b></td>
 </tr>
 <tr class="even">
 <td><ul>
@@ -6499,112 +6499,112 @@ Version 6.3.9600</td>
 <p>Version 10.0.16299</p></td>
 </tr>
 <tr class="odd">
-<td><strong>TECB</strong>( KO 1 e/d, ) ; <strong>TCBC</strong>( KO 1 e/d, ) ; <strong>TCFB8</strong>( KO 1 e/d, ) ; <strong>TCFB64</strong>( KO 1 e/d, )</td>
+<td><b>TECB</b>( KO 1 e/d, ) ; <b>TCBC</b>( KO 1 e/d, ) ; <b>TCFB8</b>( KO 1 e/d, ) ; <b>TCFB64</b>( KO 1 e/d, )</td>
 <td><p>Windows 10 Creators Update (version 1703) Home, Pro, Enterprise, Education, Windows 10 S, Windows 10 Mobile SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#2459">#2459</a></p>
 <p>Version 10.0.15063</p></td>
 </tr>
 <tr class="even">
-<td><p><strong>TECB</strong>( KO 1 e/d, ) ;</p>
-<p><strong>TCBC</strong>( KO 1 e/d, )</p></td>
+<td><p><b>TECB</b>( KO 1 e/d, ) ;</p>
+<p><b>TCBC</b>( KO 1 e/d, )</p></td>
 <td><p>Windows Embedded Compact Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#2384">#2384</a></p>
 <p>Version 8.00.6246</p></td>
 </tr>
 <tr class="odd">
-<td><p><strong>TECB</strong>( KO 1 e/d, ) ;</p>
-<p><strong>TCBC</strong>( KO 1 e/d, )</p></td>
+<td><p><b>TECB</b>( KO 1 e/d, ) ;</p>
+<p><b>TCBC</b>( KO 1 e/d, )</p></td>
 <td><p>Windows Embedded Compact Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#2383">#2383</a></p>
 <p>Version 8.00.6246</p></td>
 </tr>
 <tr class="even">
-<td><p><strong>TECB</strong>( KO 1 e/d, ) ;</p>
-<p><strong>TCBC</strong>( KO 1 e/d, ) ;</p>
-<p><strong>CTR</strong> ( int only )</p></td>
+<td><p><b>TECB</b>( KO 1 e/d, ) ;</p>
+<p><b>TCBC</b>( KO 1 e/d, ) ;</p>
+<p><b>CTR</b> ( int only )</p></td>
 <td><p>Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#2382">#2382</a></p>
 <p>Version 7.00.2872</p></td>
 </tr>
 <tr class="odd">
-<td><p><strong>TECB</strong>( KO 1 e/d, ) ;</p>
-<p><strong>TCBC</strong>( KO 1 e/d, )</p></td>
+<td><p><b>TECB</b>( KO 1 e/d, ) ;</p>
+<p><b>TCBC</b>( KO 1 e/d, )</p></td>
 <td><p>Windows Embedded Compact Cryptographic Primitives Library (bcrypt.dll) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#2381">#2381</a></p>
 <p>Version 8.00.6246</p></td>
 </tr>
 <tr class="even">
-<td><p><strong>TECB</strong>( KO 1 e/d, ) ;</p>
-<p><strong>TCBC</strong>( KO 1 e/d, ) ;</p>
-<p><strong>TCFB8</strong>( KO 1 e/d, ) ;</p>
-<p><strong>TCFB64</strong>( KO 1 e/d, )</p></td>
+<td><p><b>TECB</b>( KO 1 e/d, ) ;</p>
+<p><b>TCBC</b>( KO 1 e/d, ) ;</p>
+<p><b>TCFB8</b>( KO 1 e/d, ) ;</p>
+<p><b>TCFB64</b>( KO 1 e/d, )</p></td>
 <td><p>Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#2227">#2227</a><br />
 <br />
 </p>
 <p>Version 10.0.14393</p></td>
 </tr>
 <tr class="odd">
-<td><p><strong>TECB</strong>( KO 1 e/d, ) ;</p>
-<p><strong>TCBC</strong>( KO 1 e/d, ) ;</p>
-<p><strong>TCFB8</strong>( KO 1 e/d, ) ;</p>
-<p><strong>TCFB64</strong>( KO 1 e/d, )</p></td>
+<td><p><b>TECB</b>( KO 1 e/d, ) ;</p>
+<p><b>TCBC</b>( KO 1 e/d, ) ;</p>
+<p><b>TCFB8</b>( KO 1 e/d, ) ;</p>
+<p><b>TCFB64</b>( KO 1 e/d, )</p></td>
 <td><p>Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub and Surface Hub SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#2024">#2024</a><br />
 <br />
 </p>
 <p>Version 10.0.10586</p></td>
 </tr>
 <tr class="even">
-<td><p><strong>TECB</strong>( KO 1 e/d, ) ;</p>
-<p><strong>TCBC</strong>( KO 1 e/d, ) ;</p>
-<p><strong>TCFB8</strong>( KO 1 e/d, ) ;</p>
-<p><strong>TCFB64</strong>( KO 1 e/d, )</p></td>
+<td><p><b>TECB</b>( KO 1 e/d, ) ;</p>
+<p><b>TCBC</b>( KO 1 e/d, ) ;</p>
+<p><b>TCFB8</b>( KO 1 e/d, ) ;</p>
+<p><b>TCFB64</b>( KO 1 e/d, )</p></td>
 <td><p>Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#1969">#1969</a><br />
 <br />
 </p>
 <p>Version 10.0.10240</p></td>
 </tr>
 <tr class="odd">
-<td><p><strong>TECB</strong>( KO 1 e/d, ) ;</p>
-<p><strong>TCBC</strong>( KO 1 e/d, ) ;</p>
-<p><strong>TCFB8</strong>( KO 1 e/d, ) ;</p>
-<p><strong>TCFB64</strong>( KO 1 e/d, )</p></td>
+<td><p><b>TECB</b>( KO 1 e/d, ) ;</p>
+<p><b>TCBC</b>( KO 1 e/d, ) ;</p>
+<p><b>TCFB8</b>( KO 1 e/d, ) ;</p>
+<p><b>TCFB64</b>( KO 1 e/d, )</p></td>
 <td><p>Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry and Microsoft StorSimple 8100 SymCrypt Cryptographic Implementations <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#1692">#1692</a></p>
 <p>Version 6.3.9600</p></td>
 </tr>
 <tr class="even">
-<td><p><strong>TECB</strong>( e/d; KO 1,2 ) ;</p>
-<p><strong>TCBC</strong>( e/d; KO 1,2 ) ;</p>
-<p><strong>TCFB8</strong>( e/d; KO 1,2 ) ;</p>
-<p><strong>TCFB64</strong>( e/d; KO 1,2 )</p></td>
+<td><p><b>TECB</b>( e/d; KO 1,2 ) ;</p>
+<p><b>TCBC</b>( e/d; KO 1,2 ) ;</p>
+<p><b>TCFB8</b>( e/d; KO 1,2 ) ;</p>
+<p><b>TCFB64</b>( e/d; KO 1,2 )</p></td>
 <td>Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Next Generation Symmetric Cryptographic Algorithms Implementations (SYMCRYPT) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#1387">#1387</a></td>
 </tr>
 <tr class="odd">
-<td><p><strong>TECB</strong>( e/d; KO 1,2 ) ;</p>
-<p><strong>TCBC</strong>( e/d; KO 1,2 ) ;</p>
-<p><strong>TCFB8</strong>( e/d; KO 1,2 )</p></td>
+<td><p><b>TECB</b>( e/d; KO 1,2 ) ;</p>
+<p><b>TCBC</b>( e/d; KO 1,2 ) ;</p>
+<p><b>TCFB8</b>( e/d; KO 1,2 )</p></td>
 <td>Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Symmetric Algorithm Implementations (RSA32) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#1386">#1386</a></td>
 </tr>
 <tr class="even">
-<td><p><strong>TECB</strong>( e/d; KO 1,2 ) ;</p>
-<p><strong>TCBC</strong>( e/d; KO 1,2 ) ;</p>
-<p><strong>TCFB8</strong>( e/d; KO 1,2 )</p></td>
+<td><p><b>TECB</b>( e/d; KO 1,2 ) ;</p>
+<p><b>TCBC</b>( e/d; KO 1,2 ) ;</p>
+<p><b>TCFB8</b>( e/d; KO 1,2 )</p></td>
 <td>Windows 7 and SP1 and Windows Server 2008 R2 and SP1 Symmetric Algorithm Implementation <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#846">#846</a></td>
 </tr>
 <tr class="odd">
-<td><p><strong>TECB</strong>( e/d; KO 1,2 ) ;</p>
-<p><strong>TCBC</strong>( e/d; KO 1,2 ) ;</p>
-<p><strong>TCFB8</strong>( e/d; KO 1,2 )</p></td>
+<td><p><b>TECB</b>( e/d; KO 1,2 ) ;</p>
+<p><b>TCBC</b>( e/d; KO 1,2 ) ;</p>
+<p><b>TCFB8</b>( e/d; KO 1,2 )</p></td>
 <td>Windows Vista SP1 and Windows Server 2008 Symmetric Algorithm Implementation <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#656">#656</a></td>
 </tr>
 <tr class="even">
-<td><p><strong>TECB</strong>( e/d; KO 1,2 ) ;</p>
-<p><strong>TCBC</strong>( e/d; KO 1,2 ) ;</p>
-<p><strong>TCFB8</strong>( e/d; KO 1,2 )</p></td>
+<td><p><b>TECB</b>( e/d; KO 1,2 ) ;</p>
+<p><b>TCBC</b>( e/d; KO 1,2 ) ;</p>
+<p><b>TCFB8</b>( e/d; KO 1,2 )</p></td>
 <td>Windows Vista Symmetric Algorithm Implementation <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#549">#549</a></td>
 </tr>
 <tr class="odd">
-<td><strong>Triple DES MAC</strong></td>
+<td><b>Triple DES MAC</b></td>
 <td><p>Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#1386">#1386</a>, vendor-affirmed</p>
 <p>Windows 7 and SP1 and Windows Server 2008 R2 and SP1 <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#846">#846</a>, vendor-affirmed</p></td>
 </tr>
 <tr class="even">
-<td><p><strong>TECB</strong>( e/d; KO 1,2 ) ;</p>
-<p><strong>TCBC</strong>( e/d; KO 1,2 )</p></td>
+<td><p><b>TECB</b>( e/d; KO 1,2 ) ;</p>
+<p><b>TCBC</b>( e/d; KO 1,2 )</p></td>
 <td><p>Windows Embedded Compact 7 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#1308">#1308</a></p>
 <p>Windows Embedded Compact 7 Cryptographic Primitives Library (bcrypt.dll) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#1307">#1307</a></p>
 <p>Windows Server 2003 SP2 Enhanced Cryptographic Provider (RSAENH) <a href="https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/validation/validation-list/tdes#691">#691</a></p>
@@ -6636,15 +6636,15 @@ Version 6.3.9600</td>
 <table border="1" cellpadding="0" summary="table" xmlns="http://www.w3.org/1999/xhtml">
   <tr>
     <td>
-      <strong>Modes / States / Key Sizes</strong>
+      <b>Modes / States / Key Sizes</b>
     </td>
     <td colspan="2">
-      <strong>Algorithm Implementation and Certificate #</strong>
+      <b>Algorithm Implementation and Certificate #</b>
     </td>
   </tr>
   <tr>
     <td>
-      <strong>PBKDF</strong> (vendor affirmed)</td>
+      <b>PBKDF</b> (vendor affirmed)</td>
     <td colspan="2">
       <p> Kernel Mode Cryptographic Primitives Library (cng.sys) Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows Server 2016 Standard, Windows Server 2016 Datacenter, Windows Storage Server 2016 <a runat="server" href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2937">#2937</a><br />(Software Version: 10.0.14393)</p>
       <p>Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows Server 2016 Standard, Windows Server 2016 Datacenter, Windows Storage Server 2016 <a runat="server" href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2936">#2936</a><br />(Software Version: 10.0.14393)</p>
@@ -6654,7 +6654,7 @@ Version 6.3.9600</td>
   </tr>
   <tr>
     <td colspan="2">
-      <strong>PBKDF</strong> (vendor affirmed)</td>
+      <b>PBKDF</b> (vendor affirmed)</td>
     <td>
       <p>Kernel Mode Cryptographic Primitives Library (cng.sys) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows Server 2016 Standard, Windows Server 2016 Datacenter, Windows Storage Server 2016 <a runat="server" href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2936">#2936</a><br />(Software Version: 10.0.14393)</p>
       <p>Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Cryptography Next Generation (CNG), vendor-affirmed</p>
@@ -6672,8 +6672,8 @@ Version 6.3.9600</td>
 </colgroup>
 <tbody>
 <tr class="odd">
-<td><strong>Publication / Component Validated / Description</strong></td>
-<td><strong>Implementation and Certificate #</strong></td>
+<td><b>Publication / Component Validated / Description</b></td>
+<td><b>Implementation and Certificate #</b></td>
 </tr>
 <tr class="even">
 <td><ul>
diff --git a/windows/security/threat-protection/intelligence/support-scams.md b/windows/security/threat-protection/intelligence/support-scams.md
index 8544b43d61..5ecbd9a101 100644
--- a/windows/security/threat-protection/intelligence/support-scams.md
+++ b/windows/security/threat-protection/intelligence/support-scams.md
@@ -63,6 +63,6 @@ It is also important to keep the following in mind:
 
 Help Microsoft stop scammers, whether they claim to be from Microsoft or from another tech company, by reporting tech support scams:
 
-<strong>www.microsoft.com/reportascam</strong>
+<b>www.microsoft.com/reportascam</b>
 
 You can also report any **unsafe website** that you suspect is a phishing website or contains malicious content directly to Microsoft by filling out a [Report an unsafe site form](https://www.microsoft.com/wdsi/support/report-unsafe-site) or using built in web browser functionality.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-arcsight.md b/windows/security/threat-protection/microsoft-defender-atp/configure-arcsight.md
index 2dc93956ba..ef4053bac6 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-arcsight.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-arcsight.md
@@ -103,8 +103,8 @@ The following steps assume that you have completed all the required steps in [Be
     For example, if the configuration file in &quot;flexagent&quot; directory is named &quot;WDATP-Connector.jsonparser.properties&quot;, you must type &quot;WDATP-Connector&quot; as the name of the client property file.</td>
     </tr>
     <td>Events URL</td>
-    <td>Depending on the location of your datacenter, select either the EU or the US URL: </br></br> <strong>For EU</strong>:  https://<i></i>wdatp-alertexporter-eu.windows.com/api/alerts/?sinceTimeUtc=$START_AT_TIME <br>
-   </br><strong>For US:</strong> https://<i></i>wdatp-alertexporter-us.windows.com/api/alerts/?sinceTimeUtc=$START_AT_TIME <br> <br> <strong>For UK</strong>:  https://<i></i>wdatp-alertexporter-uk.windows.com/api/alerts/?sinceTimeUtc=$START_AT_TIME</td>
+    <td>Depending on the location of your datacenter, select either the EU or the US URL: </br></br> <b>For EU</b>:  https://<i></i>wdatp-alertexporter-eu.windows.com/api/alerts/?sinceTimeUtc=$START_AT_TIME <br>
+   </br><b>For US:</b> https://<i></i>wdatp-alertexporter-us.windows.com/api/alerts/?sinceTimeUtc=$START_AT_TIME <br> <br> <b>For UK</b>:  https://<i></i>wdatp-alertexporter-uk.windows.com/api/alerts/?sinceTimeUtc=$START_AT_TIME</td>
     <tr>
     <td>Authentication Type</td>
     <td>OAuth 2</td>
@@ -113,7 +113,7 @@ The following steps assume that you have completed all the required steps in [Be
     <td>Browse to the location of the <em>wdatp-connector.properties</em> file. The name must match the file provided in the .zip that you downloaded.</td>
     <tr>
     <td>Refresh Token</td>
-    <td>You can obtain a refresh token in two ways: by generating a refresh token from the <strong>SIEM settings</strong> page or using the restutil tool. <br><br> For more information on generating a refresh token from the <strong>Preferences setup</strong> , see <a href="enable-siem-integration.md" data-raw-source="[Enable SIEM integration in Microsoft Defender ATP](enable-siem-integration.md)">Enable SIEM integration in Microsoft Defender ATP</a>. </br> </br><strong>Get your refresh token using the restutil tool:</strong> </br> a. Open a command prompt. Navigate to C:\<em>folder_location</em>\current\bin where <em>folder_location</em> represents the location where you installed the tool. </br></br> b. Type: <code>arcsight restutil token -config</code> from the bin directory.For example: <strong>arcsight restutil boxtoken -proxy proxy.location.hp.com:8080</strong> A Web browser window will open. </br> </br>c. Type in your credentials then click on the password field to let the page redirect. In the login prompt, enter your credentials. </br> </br>d. A refresh token is shown in the command prompt. </br></br> e. Copy and paste it into the <strong>Refresh Token</strong> field.
+    <td>You can obtain a refresh token in two ways: by generating a refresh token from the <b>SIEM settings</b> page or using the restutil tool. <br><br> For more information on generating a refresh token from the <b>Preferences setup</b> , see <a href="enable-siem-integration.md" data-raw-source="[Enable SIEM integration in Microsoft Defender ATP](enable-siem-integration.md)">Enable SIEM integration in Microsoft Defender ATP</a>. </br> </br><b>Get your refresh token using the restutil tool:</b> </br> a. Open a command prompt. Navigate to C:\<em>folder_location</em>\current\bin where <em>folder_location</em> represents the location where you installed the tool. </br></br> b. Type: <code>arcsight restutil token -config</code> from the bin directory.For example: <b>arcsight restutil boxtoken -proxy proxy.location.hp.com:8080</b> A Web browser window will open. </br> </br>c. Type in your credentials then click on the password field to let the page redirect. In the login prompt, enter your credentials. </br> </br>d. A refresh token is shown in the command prompt. </br></br> e. Copy and paste it into the <b>Refresh Token</b> field.
     </td>
     </tr>
     </tr>
diff --git a/windows/security/threat-protection/microsoft-defender-atp/event-error-codes.md b/windows/security/threat-protection/microsoft-defender-atp/event-error-codes.md
index 7f19406d2e..a856668804 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/event-error-codes.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/event-error-codes.md
@@ -108,15 +108,15 @@ See <a href="configure-endpoints.md" data-raw-source="[Onboard Windows 10 device
 <tr>
 <td>8</td>
 <td>Microsoft Defender Advanced Threat Protection service failed to clean its configuration. Failure code: <code>variable</code>.</td>
-<td><strong>During onboarding:</strong> The service failed to clean its configuration during the onboarding. The onboarding process continues. <br><br> <strong>During offboarding:</strong> The service failed to clean its configuration during the offboarding. The offboarding process finished but the service keeps running.
+<td><b>During onboarding:</b> The service failed to clean its configuration during the onboarding. The onboarding process continues. <br><br> <b>During offboarding:</b> The service failed to clean its configuration during the offboarding. The offboarding process finished but the service keeps running.
  </td>
-<td><strong>Onboarding:</strong> No action required. <br><br> <strong>Offboarding:</strong> Reboot the system.<br>
+<td><b>Onboarding:</b> No action required. <br><br> <b>Offboarding:</b> Reboot the system.<br>
 See <a href="configure-endpoints.md" data-raw-source="[Onboard Windows 10 devices](configure-endpoints.md)">Onboard Windows 10 devices</a>.</td>
 </tr>
 <tr>
 <td>9</td>
 <td>Microsoft Defender Advanced Threat Protection service failed to change its start type. Failure code: <code>variable</code>.</td>
-<td><strong>During onboarding:</strong> The device did not onboard correctly and will not be reporting to the portal. <br><br><strong>During offboarding:</strong> Failed to change the service start type. The offboarding process continues. </td>
+<td><b>During onboarding:</b> The device did not onboard correctly and will not be reporting to the portal. <br><br><b>During offboarding:</b> Failed to change the service start type. The offboarding process continues. </td>
 <td>Check that the onboarding settings and scripts were deployed properly. Try to redeploy the configuration packages.<br>
 See <a href="configure-endpoints.md" data-raw-source="[Onboard Windows 10 devices](configure-endpoints.md)">Onboard Windows 10 devices</a>.</td>
 </tr>
diff --git a/windows/security/threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-available-settings.md b/windows/security/threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-available-settings.md
index 4f0891df0c..3956891c0c 100644
--- a/windows/security/threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-available-settings.md
+++ b/windows/security/threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-available-settings.md
@@ -33,29 +33,29 @@ SmartScreen uses registry-based Administrative Template policy settings. For mor
 <th align="left">Description</th>
 </tr>
 <tr>
-<td><strong>Windows 10, version 2004:</strong><br>Administrative Templates\Windows Components\Windows Defender SmartScreen\Explorer\Configure Windows Defender SmartScreen<p>
-<td><strong>Windows 10, version 1703:</strong><br>Administrative Templates\Windows Components\Windows Defender SmartScreen\Explorer\Configure Windows Defender SmartScreen<p><strong>Windows 10, Version 1607 and earlier:</strong><br>Administrative Templates\Windows Components\File Explorer\Configure Windows SmartScreen</td>
+<td><b>Windows 10, version 2004:</b><br>Administrative Templates\Windows Components\Windows Defender SmartScreen\Explorer\Configure Windows Defender SmartScreen<p>
+<td><b>Windows 10, version 1703:</b><br>Administrative Templates\Windows Components\Windows Defender SmartScreen\Explorer\Configure Windows Defender SmartScreen<p><b>Windows 10, Version 1607 and earlier:</b><br>Administrative Templates\Windows Components\File Explorer\Configure Windows SmartScreen</td>
 <td>At least Windows Server 2012, Windows 8 or Windows RT</td>
 <td>This policy setting turns on Microsoft Defender SmartScreen.<p>If you enable this setting, it turns on Microsoft Defender SmartScreen and your employees are unable to turn it off. Additionally, when enabling this feature, you must also pick whether Microsoft Defender SmartScreen should Warn your employees or Warn and prevent bypassing the message (effectively blocking the employee from the site).<p>If you disable this setting, it turns off Microsoft Defender SmartScreen and your employees are unable to turn it on.<p>If you don't configure this setting, your employees can decide whether to use Microsoft Defender SmartScreen.</td>
 </tr>
 <tr>
-<td><strong>Windows 10, version 2004:</strong><br>Administrative Templates\Windows Components\Windows Defender SmartScreen\Explorer\Configure App Install Control</td>
-<td><strong>Windows 10, version 1703:</strong><br>Administrative Templates\Windows Components\Windows Defender SmartScreen\Explorer\Configure App Install Control</td>
-<td><strong>Windows 10, version 1703</td>
-<td>This policy setting is intended to prevent malicious content from affecting your user's devices when downloading executable content from the internet.</br></br>This setting does not protect against malicious content from USB devices, network shares or other non-internet sources.</p><p><strong>Important:</strong> Using a trustworthy browser helps ensure that these protections work as expected.</p></td>
+<td><b>Windows 10, version 2004:</b><br>Administrative Templates\Windows Components\Windows Defender SmartScreen\Explorer\Configure App Install Control</td>
+<td><b>Windows 10, version 1703:</b><br>Administrative Templates\Windows Components\Windows Defender SmartScreen\Explorer\Configure App Install Control</td>
+<td><b>Windows 10, version 1703</td>
+<td>This policy setting is intended to prevent malicious content from affecting your user's devices when downloading executable content from the internet.</br></br>This setting does not protect against malicious content from USB devices, network shares or other non-internet sources.</p><p><b>Important:</b> Using a trustworthy browser helps ensure that these protections work as expected.</p></td>
 </tr>
 <tr>
-<td><strong>Windows 10, version 2004:</strong><br>Administrative Templates\Windows Components\Windows Defender SmartScreen\Microsoft Edge\Configure Windows Defender SmartScreen<p><strong>Windows 10, version 1703:</strong><br>Administrative Templates\Windows Components\Windows Defender SmartScreen\Microsoft Edge\Configure Windows Defender SmartScreen<p><strong>Windows 10, Version 1607 and earlier:</strong><br>Administrative Templates\Windows Components\Microsoft Edge\Configure Windows SmartScreen</td>
+<td><b>Windows 10, version 2004:</b><br>Administrative Templates\Windows Components\Windows Defender SmartScreen\Microsoft Edge\Configure Windows Defender SmartScreen<p><b>Windows 10, version 1703:</b><br>Administrative Templates\Windows Components\Windows Defender SmartScreen\Microsoft Edge\Configure Windows Defender SmartScreen<p><b>Windows 10, Version 1607 and earlier:</b><br>Administrative Templates\Windows Components\Microsoft Edge\Configure Windows SmartScreen</td>
 <td>Microsoft Edge on Windows 10 or later</td>
 <td>This policy setting turns on Microsoft Defender SmartScreen.<p>If you enable this setting, it turns on Microsoft Defender SmartScreen and your employees are unable to turn it off.<p>If you disable this setting, it turns off Microsoft Defender SmartScreen and your employees are unable to turn it on.<p>If you don't configure this setting, your employees can decide whether to use Microsoft Defender SmartScreen.</td>
 </tr>
 <tr>
-<td><strong>Windows 10, version 2004:</strong><br>Administrative Templates\Windows Components\Windows Defender SmartScreen\Microsoft Edge\Prevent bypassing Windows Defender SmartScreen prompts for files<p><strong>Windows 10, version 1703:</strong><br>Administrative Templates\Windows Components\Windows Defender SmartScreen\Microsoft Edge\Prevent bypassing Windows Defender SmartScreen prompts for files<p><strong>Windows 10, Version 1511 and 1607:</strong><br>Administrative Templates\Windows Components\Microsoft Edge\Prevent bypassing Windows SmartScreen prompts for files</td>
+<td><b>Windows 10, version 2004:</b><br>Administrative Templates\Windows Components\Windows Defender SmartScreen\Microsoft Edge\Prevent bypassing Windows Defender SmartScreen prompts for files<p><b>Windows 10, version 1703:</b><br>Administrative Templates\Windows Components\Windows Defender SmartScreen\Microsoft Edge\Prevent bypassing Windows Defender SmartScreen prompts for files<p><b>Windows 10, Version 1511 and 1607:</b><br>Administrative Templates\Windows Components\Microsoft Edge\Prevent bypassing Windows SmartScreen prompts for files</td>
 <td>Microsoft Edge on Windows 10, version 1511 or later</td>
 <td>This policy setting stops employees from bypassing the Microsoft Defender SmartScreen warnings about potentially malicious files.<p>If you enable this setting, it stops employees from bypassing the warning, stopping the file download.<p>If you disable or don't configure this setting, your employees can bypass the warnings and continue to download potentially malicious files.</td>
 </tr>
 <tr>
-<td><strong>Windows 10, version 2004:</strong><br>Administrative Templates\Windows Components\Windows Defender SmartScreen\Microsoft Edge\Prevent bypassing Windows Defender SmartScreen prompts for sites<p><strong>Windows 10, version 1703:</strong><br>Administrative Templates\Windows Components\Windows Defender SmartScreen\Microsoft Edge\Prevent bypassing Windows Defender SmartScreen prompts for sites<p><strong>Windows 10, Version 1511 and 1607:</strong><br>Administrative Templates\Windows Components\Microsoft Edge\Prevent bypassing Windows SmartScreen prompts for sites</td>
+<td><b>Windows 10, version 2004:</b><br>Administrative Templates\Windows Components\Windows Defender SmartScreen\Microsoft Edge\Prevent bypassing Windows Defender SmartScreen prompts for sites<p><b>Windows 10, version 1703:</b><br>Administrative Templates\Windows Components\Windows Defender SmartScreen\Microsoft Edge\Prevent bypassing Windows Defender SmartScreen prompts for sites<p><b>Windows 10, Version 1511 and 1607:</b><br>Administrative Templates\Windows Components\Microsoft Edge\Prevent bypassing Windows SmartScreen prompts for sites</td>
 <td>Microsoft Edge on Windows 10, version 1511 or later</td>
 <td>This policy setting stops employees from bypassing the Microsoft Defender SmartScreen warnings about potentially malicious sites.<p>If you enable this setting, it stops employees from bypassing the warning, stopping them from going to the site.<p>If you disable or don't configure this setting, your employees can bypass the warnings and continue to visit a potentially malicious site.</td>
 </tr>
@@ -90,11 +90,11 @@ For Microsoft Defender SmartScreen Internet Explorer MDM policies, see [Policy C
 <td>Windows 10</td>
 <td>
 <ul>
-<li><strong>URI full path.</strong> ./Vendor/MSFT/Policy/Config/Browser/AllowSmartScreen</li>
-<li><strong>Data type.</strong> Integer</li>
-<li><strong>Allowed values:</strong><ul>
-<li><strong>0 .</strong> Turns off Microsoft Defender SmartScreen in Edge.</li>
-<li><strong>1.</strong> Turns on Microsoft Defender SmartScreen in Edge.</li></ul></li></ul>
+<li><b>URI full path.</b> ./Vendor/MSFT/Policy/Config/Browser/AllowSmartScreen</li>
+<li><b>Data type.</b> Integer</li>
+<li><b>Allowed values:</b><ul>
+<li><b>0 .</b> Turns off Microsoft Defender SmartScreen in Edge.</li>
+<li><b>1.</b> Turns on Microsoft Defender SmartScreen in Edge.</li></ul></li></ul>
 </td>
 </tr>
 <tr>
@@ -102,11 +102,11 @@ For Microsoft Defender SmartScreen Internet Explorer MDM policies, see [Policy C
 <td>Windows 10, version 1703</td>
 <td>
 <ul>
-<li><strong>URI full path.</strong> ./Vendor/MSFT/Policy/Config/SmartScreen/EnableAppInstallControl</li>
-<li><strong>Data type.</strong> Integer</li>
-<li><strong>Allowed values:</strong><ul>
-<li><strong>0 .</strong> Turns off Application Installation Control, allowing users to download and install files from anywhere on the web.</li>
-<li><strong>1.</strong> Turns on Application Installation Control, allowing users to install apps from the Microsoft Store only.</li></ul></li></ul>
+<li><b>URI full path.</b> ./Vendor/MSFT/Policy/Config/SmartScreen/EnableAppInstallControl</li>
+<li><b>Data type.</b> Integer</li>
+<li><b>Allowed values:</b><ul>
+<li><b>0 .</b> Turns off Application Installation Control, allowing users to download and install files from anywhere on the web.</li>
+<li><b>1.</b> Turns on Application Installation Control, allowing users to install apps from the Microsoft Store only.</li></ul></li></ul>
 </td>
 </tr>
 <tr>
@@ -114,11 +114,11 @@ For Microsoft Defender SmartScreen Internet Explorer MDM policies, see [Policy C
 <td>Windows 10, version 1703</td>
 <td>
 <ul>
-<li><strong>URI full path.</strong> ./Vendor/MSFT/Policy/Config/SmartScreen/EnableSmartScreenInShell</li>
-<li><strong>Data type.</strong> Integer</li>
-<li><strong>Allowed values:</strong><ul>
-<li><strong>0 .</strong> Turns off Microsoft Defender SmartScreen in Windows for app and file execution.</li>
-<li><strong>1.</strong> Turns on Microsoft Defender SmartScreen in Windows for app and file execution.</li></ul></li></ul>
+<li><b>URI full path.</b> ./Vendor/MSFT/Policy/Config/SmartScreen/EnableSmartScreenInShell</li>
+<li><b>Data type.</b> Integer</li>
+<li><b>Allowed values:</b><ul>
+<li><b>0 .</b> Turns off Microsoft Defender SmartScreen in Windows for app and file execution.</li>
+<li><b>1.</b> Turns on Microsoft Defender SmartScreen in Windows for app and file execution.</li></ul></li></ul>
 </td>
 </tr>
 <tr>
@@ -126,11 +126,11 @@ For Microsoft Defender SmartScreen Internet Explorer MDM policies, see [Policy C
 <td>Windows 10, version 1703</td>
 <td>
 <ul>
-<li><strong>URI full path.</strong> ./Vendor/MSFT/Policy/Config/SmartScreen/PreventOverrideForFilesInShell</li>
-<li><strong>Data type.</strong> Integer</li>
-<li><strong>Allowed values:</strong><ul>
-<li><strong>0 .</strong> Employees can ignore Microsoft Defender SmartScreen warnings and run malicious files.</li>
-<li><strong>1.</strong> Employees can't ignore Microsoft Defender SmartScreen warnings and run malicious files.</li></ul></li></ul>
+<li><b>URI full path.</b> ./Vendor/MSFT/Policy/Config/SmartScreen/PreventOverrideForFilesInShell</li>
+<li><b>Data type.</b> Integer</li>
+<li><b>Allowed values:</b><ul>
+<li><b>0 .</b> Employees can ignore Microsoft Defender SmartScreen warnings and run malicious files.</li>
+<li><b>1.</b> Employees can't ignore Microsoft Defender SmartScreen warnings and run malicious files.</li></ul></li></ul>
 </td>
 </tr>
 <tr>
@@ -138,11 +138,11 @@ For Microsoft Defender SmartScreen Internet Explorer MDM policies, see [Policy C
 <td>Windows 10, Version 1511 and later</td>
 <td>
 <ul>
-<li><strong>URI full path.</strong> ./Vendor/MSFT/Policy/Config/Browser/PreventSmartscreenPromptOverride</li>
-<li><strong>Data type.</strong> Integer</li>
-<li><strong>Allowed values:</strong><ul>
-<li><strong>0 .</strong> Employees can ignore Microsoft Defender SmartScreen warnings.</li>
-<li><strong>1.</strong> Employees can't ignore Microsoft Defender SmartScreen warnings.</li></ul></li></ul>
+<li><b>URI full path.</b> ./Vendor/MSFT/Policy/Config/Browser/PreventSmartscreenPromptOverride</li>
+<li><b>Data type.</b> Integer</li>
+<li><b>Allowed values:</b><ul>
+<li><b>0 .</b> Employees can ignore Microsoft Defender SmartScreen warnings.</li>
+<li><b>1.</b> Employees can't ignore Microsoft Defender SmartScreen warnings.</li></ul></li></ul>
 </td>
 </tr>
 <tr>
@@ -150,11 +150,11 @@ For Microsoft Defender SmartScreen Internet Explorer MDM policies, see [Policy C
 <td>Windows 10, Version 1511 and later</td>
 <td>
 <ul>
-<li><strong>URI full path.</strong> ./Vendor/MSFT/Policy/Config/Browser/PreventSmartScreenPromptOverrideForFiles</li>
-<li><strong>Data type.</strong> Integer</li>
-<li><strong>Allowed values:</strong><ul>
-<li><strong>0 .</strong> Employees can ignore Microsoft Defender SmartScreen warnings for files.</li>
-<li><strong>1.</strong> Employees can't ignore Microsoft Defender SmartScreen warnings for files.</li></ul></li></ul>
+<li><b>URI full path.</b> ./Vendor/MSFT/Policy/Config/Browser/PreventSmartScreenPromptOverrideForFiles</li>
+<li><b>Data type.</b> Integer</li>
+<li><b>Allowed values:</b><ul>
+<li><b>0 .</b> Employees can ignore Microsoft Defender SmartScreen warnings for files.</li>
+<li><b>1.</b> Employees can't ignore Microsoft Defender SmartScreen warnings for files.</li></ul></li></ul>
 </td>
 </tr>
 </table>
@@ -170,19 +170,19 @@ To better help you protect your organization, we recommend turning on and using
 </tr>
 <tr>
 <td>Administrative Templates\Windows Components\Microsoft Edge\Configure Windows Defender SmartScreen</td>
-<td><strong>Enable.</strong> Turns on Microsoft Defender SmartScreen.</td>
+<td><b>Enable.</b> Turns on Microsoft Defender SmartScreen.</td>
 </tr>
 <tr>
 <td>Administrative Templates\Windows Components\Microsoft Edge\Prevent bypassing Windows Defender SmartScreen prompts for sites</td>
-<td><strong>Enable.</strong> Stops employees from ignoring warning messages and continuing to a potentially malicious website.</td>
+<td><b>Enable.</b> Stops employees from ignoring warning messages and continuing to a potentially malicious website.</td>
 </tr>
 <tr>
 <td>Administrative Templates\Windows Components\Microsoft Edge\Prevent bypassing Windows Defender SmartScreen prompts for files</td>
-<td><strong>Enable.</strong> Stops employees from ignoring warning messages and continuing to download potentially malicious files.</td>
+<td><b>Enable.</b> Stops employees from ignoring warning messages and continuing to download potentially malicious files.</td>
 </tr>
 <tr>
 <td>Administrative Templates\Windows Components\File Explorer\Configure Windows Defender SmartScreen</td>
-<td><strong>Enable with the Warn and prevent bypass option.</strong> Stops employees from ignoring warning messages about malicious files downloaded from the Internet.</td>
+<td><b>Enable with the Warn and prevent bypass option.</b> Stops employees from ignoring warning messages about malicious files downloaded from the Internet.</td>
 </tr>
 </table>
 <p>
@@ -193,23 +193,23 @@ To better help you protect your organization, we recommend turning on and using
 </tr>
 <tr>
 <td>Browser/AllowSmartScreen</td>
-<td><strong>1.</strong> Turns on Microsoft Defender SmartScreen.</td>
+<td><b>1.</b> Turns on Microsoft Defender SmartScreen.</td>
 </tr>
 <tr>
 <td>Browser/PreventSmartScreenPromptOverride</td>
-<td><strong>1.</strong> Stops employees from ignoring warning messages and continuing to a potentially malicious website.</td>
+<td><b>1.</b> Stops employees from ignoring warning messages and continuing to a potentially malicious website.</td>
 </tr>
 <tr>
 <td>Browser/PreventSmartScreenPromptOverrideForFiles</td>
-<td><strong>1.</strong> Stops employees from ignoring warning messages and continuing to download potentially malicious files.</td>
+<td><b>1.</b> Stops employees from ignoring warning messages and continuing to download potentially malicious files.</td>
 </tr>
 <tr>
 <td>SmartScreen/EnableSmartScreenInShell</td>
-<td><strong>1.</strong> Turns on Microsoft Defender SmartScreen in Windows.<p>Requires at least Windows 10, version 1703.</td>
+<td><b>1.</b> Turns on Microsoft Defender SmartScreen in Windows.<p>Requires at least Windows 10, version 1703.</td>
 </tr>
 <tr>
 <td>SmartScreen/PreventOverrideForFilesInShell</td>
-<td><strong>1.</strong> Stops employees from ignoring warning messages about malicious files downloaded from the Internet.<p>Requires at least Windows 10, version 1703.</td>
+<td><b>1.</b> Stops employees from ignoring warning messages about malicious files downloaded from the Internet.<p>Requires at least Windows 10, version 1703.</td>
 </tr>
 </table> 
 
diff --git a/windows/security/threat-protection/overview-of-threat-mitigations-in-windows-10.md b/windows/security/threat-protection/overview-of-threat-mitigations-in-windows-10.md
index 15bf8bc91c..eaef387dbf 100644
--- a/windows/security/threat-protection/overview-of-threat-mitigations-in-windows-10.md
+++ b/windows/security/threat-protection/overview-of-threat-mitigations-in-windows-10.md
@@ -311,9 +311,9 @@ The following table lists EMET features in relation to Windows 10 features.
 <table>
 <thead>
 <tr class="header">
-<th><strong>Specific EMET features</strong></th>
-<th><strong>How these EMET features map<br />
-to Windows 10 features</strong></th>
+<th><b>Specific EMET features</b></th>
+<th><b>How these EMET features map<br />
+to Windows 10 features</b></th>
 </tr>
 </thead>
 <tbody>
diff --git a/windows/security/threat-protection/protect-high-value-assets-by-controlling-the-health-of-windows-10-based-devices.md b/windows/security/threat-protection/protect-high-value-assets-by-controlling-the-health-of-windows-10-based-devices.md
index d726f7ff56..905bf8c06a 100644
--- a/windows/security/threat-protection/protect-high-value-assets-by-controlling-the-health-of-windows-10-based-devices.md
+++ b/windows/security/threat-protection/protect-high-value-assets-by-controlling-the-health-of-windows-10-based-devices.md
@@ -351,7 +351,7 @@ The following table details the hardware requirements for both virtualization-ba
 <td align="left"><p>Virtualization extensions, such as Intel VT-x, AMD-V, and SLAT must be enabled</p></td>
 <td align="left"><p>Required to support virtualization-based security.</p>
 <div class="alert">
-<strong>Note</strong><br/><p>Device Guard can be enabled without using virtualization-based security.</p>
+<b>Note</b><br/><p>Device Guard can be enabled without using virtualization-based security.</p>
 </div>
 <div>
 
@@ -533,7 +533,7 @@ If the TPM ownership is not known but the EK exists, the client library will pro
 
 As part of the provisioning process, Windows 10 will create an AIK with the TPM. When this operation is performed, the resulting AIK public portion is stored in the registry at the following location: **HKLM\\SYSTEM\\CurrentControlSet\\Services\\TPM\\WMI\\WindowsAIKPub**
 
-> **Note:**  For provisioning AIK certificates and filtering Internet access, you must authorize the following wildcard URL: <strong>https://\*.microsoftaik.azure.net</strong>
+> **Note:**  For provisioning AIK certificates and filtering Internet access, you must authorize the following wildcard URL: <b>https://\*.microsoftaik.azure.net</b>
 
 ### Windows 10 Health Attestation CSP
 
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-for-packaged-apps.md b/windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-for-packaged-apps.md
index 7ac5a2faeb..1f35434f95 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-for-packaged-apps.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-for-packaged-apps.md
@@ -59,12 +59,12 @@ You can perform this task by using the Group Policy Management Console for an Ap
     </thead>
     <tbody>
     <tr class="odd">
-    <td align="left"><p><strong>Use an installed packaged app as a reference</strong></p></td>
+    <td align="left"><p><b>Use an installed packaged app as a reference</b></p></td>
     <td align="left"><p>If selected, AppLocker requires you to choose an app that is already installed on which to base your new rule. AppLocker uses the publisher, package name and package version to define the rule.</p></td>
     <td align="left"><p>You want the Sales group only to use the app named Microsoft.BingMaps for its outside sales calls. The Microsoft.BingMaps app is already installed on the device where you are creating the rule, so you choose this option, and select the app from the list of apps installed on the computer and create the rule using this app as a reference.</p></td>
     </tr>
     <tr class="even">
-    <td align="left"><p><strong>Use a packaged app installer as a reference</strong></p></td>
+    <td align="left"><p><b>Use a packaged app installer as a reference</b></p></td>
     <td align="left"><p>If selected, AppLocker requires you to choose an app installer on which to base your new rule. A packaged app installer has the .appx extension. AppLocker uses the publisher, package name and package version of the installer to define the rule.</p></td>
     <td align="left"><p>Your company has developed a number of internal line-of-business packaged apps. The app installers are stored on a common file share. Employees can install the required apps from that file share. You want to allow all your employees to install the Payroll app from this share. So you choose this option from the wizard, browse to the file share and choose the installer for the Payroll app as a reference to create your rule.</p></td>
     </tr>
@@ -87,30 +87,30 @@ You can perform this task by using the Group Policy Management Console for an Ap
     </thead>
     <tbody>
     <tr class="odd">
-    <td align="left"><p>Applies to <strong>Any publisher</strong></p></td>
-    <td align="left"><p>This is the least restrictive scope condition for an <strong>Allow</strong> rule. It permits every packaged app to run or install.</p>
-    <p>Conversely, if this is a <strong>Deny</strong> rule, then this option is the most restrictive because it denies all apps from installing or running.</p></td>
+    <td align="left"><p>Applies to <b>Any publisher</b></p></td>
+    <td align="left"><p>This is the least restrictive scope condition for an <b>Allow</b> rule. It permits every packaged app to run or install.</p>
+    <p>Conversely, if this is a <b>Deny</b> rule, then this option is the most restrictive because it denies all apps from installing or running.</p></td>
     <td align="left"><p>You want the Sales group to use any packaged app from any signed publisher. You set the permissions to allow the Sales group to be able to run any app.</p></td>
     </tr>
     <tr class="even">
-    <td align="left"><p>Applies to a specific <strong>Publisher</strong></p></td>
+    <td align="left"><p>Applies to a specific <b>Publisher</b></p></td>
     <td align="left"><p>This scopes the rule to all apps published by a particular publisher.</p></td>
     <td align="left"><p>You want to allow all your users to install apps published by the publisher of Microsoft.BingMaps. You could select Microsoft.BingMaps as a reference and choose this rule scope.</p></td>
     </tr>
     <tr class="odd">
-    <td align="left"><p>Applies to a <strong>Package name</strong></p></td>
+    <td align="left"><p>Applies to a <b>Package name</b></p></td>
     <td align="left"><p>This scopes the rule to all packages that share the publisher name and package name as the reference file.</p></td>
     <td align="left"><p>You want to allow your Sales group to install any version of the Microsoft.BingMaps app. You could select the Microsoft.BingMaps app as a reference and choose this rule scope.</p></td>
     </tr>
     <tr class="even">
-    <td align="left"><p>Applies to a <strong>Package version</strong></p></td>
+    <td align="left"><p>Applies to a <b>Package version</b></p></td>
     <td align="left"><p>This scopes the rule to a particular version of the package.</p></td>
     <td align="left"><p>You want to be very selective in what you allow. You do not want to implicitly trust all future updates of the Microsoft.BingMaps app. You can limit the scope of your rule to the version of the app currently installed on your reference computer.</p></td>
     </tr>
     <tr class="odd">
     <td align="left"><p>Applying custom values to the rule</p></td>
-    <td align="left"><p>Selecting the <strong>Use custom values</strong> check box allows you to adjust the scope fields for your particular circumstance.</p></td>
-    <td align="left"><p>You want to allow users to install all Microsoft.Bing* applications which include Microsoft.BingMaps, Microsoft.BingWeather, Microsoft.BingMoney. You can choose the Microsoft.BingMaps as a reference, select the <strong>Use custom values</strong> check box and edit the package name field by adding “Microsoft.Bing*” as the Package name.</p></td>
+    <td align="left"><p>Selecting the <b>Use custom values</b> check box allows you to adjust the scope fields for your particular circumstance.</p></td>
+    <td align="left"><p>You want to allow users to install all Microsoft.Bing* applications which include Microsoft.BingMaps, Microsoft.BingWeather, Microsoft.BingMoney. You can choose the Microsoft.BingMaps as a reference, select the <b>Use custom values</b> check box and edit the package name field by adding “Microsoft.Bing*” as the Package name.</p></td>
     </tr>
     </tbody>
     </table>
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/document-your-application-list.md b/windows/security/threat-protection/windows-defender-application-control/applocker/document-your-application-list.md
index 3cac5abbce..c43cf96fee 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/document-your-application-list.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/document-your-application-list.md
@@ -99,9 +99,9 @@ The following table provides an example of how to list applications for each bus
 </tbody>
 </table>
  
-&gt;<strong>Note:</strong>  AppLocker only supports publisher rules for Universal Windows apps. Therefore, collecting the installation path information for Universal Windows apps is not necessary.
+&gt;<b>Note:</b>  AppLocker only supports publisher rules for Universal Windows apps. Therefore, collecting the installation path information for Universal Windows apps is not necessary.
  
-<strong>Event processing</strong>
+<b>Event processing</b>
 
 As you create your list of apps, you need to consider how to manage the events that are generated by user access, or you need to deny running those apps to make your users as productive as possible. The following list is an example of what to consider and what to record:
 
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/plan-for-applocker-policy-management.md b/windows/security/threat-protection/windows-defender-application-control/applocker/plan-for-applocker-policy-management.md
index 90bf198903..35e51ee350 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/plan-for-applocker-policy-management.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/plan-for-applocker-policy-management.md
@@ -277,7 +277,7 @@ The following table is an example of what to consider and record.
 </tbody>
 </table>
  
-<strong>Policy maintenance policy</strong>
+<b>Policy maintenance policy</b>
 When applications are identified and policies are created for application control, then you can begin documenting how you intend to update those policies.
 The following table is an example of what to consider and record.
 <table>
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/requirements-for-deploying-applocker-policies.md b/windows/security/threat-protection/windows-defender-application-control/applocker/requirements-for-deploying-applocker-policies.md
index 5bfe8d38ed..1d132ac242 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/requirements-for-deploying-applocker-policies.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/requirements-for-deploying-applocker-policies.md
@@ -131,7 +131,7 @@ An AppLocker policy deployment plan is the result of investigating which applica
 </tbody>
 </table>
  
-<strong>Event processing policy</strong>
+<b>Event processing policy</b>
 
 <table>
 <colgroup>
@@ -169,7 +169,7 @@ An AppLocker policy deployment plan is the result of investigating which applica
 </tbody>
 </table>
  
-<strong>Policy maintenance policy</strong>
+<b>Policy maintenance policy</b>
 
 <table>
 <colgroup>
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/understand-applocker-policy-design-decisions.md b/windows/security/threat-protection/windows-defender-application-control/applocker/understand-applocker-policy-design-decisions.md
index 7baf71b5df..a8bfeff845 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/understand-applocker-policy-design-decisions.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/understand-applocker-policy-design-decisions.md
@@ -119,7 +119,7 @@ If your organization supports multiple Windows operating systems, app control po
 </ul></td>
 <td align="left"><p>AppLocker rules are only applied to computers running the supported versions of Windows, but SRP rules can be applied to all versions of Windows beginning with Windows XP and Windows Server 2003. For specific operating system version requirements, see <a href="requirements-to-use-applocker.md" data-raw-source="[Requirements to use AppLocker](requirements-to-use-applocker.md)">Requirements to use AppLocker</a>.</p>
 <div class="alert">
-<strong>Note</strong><br/><p>If you are using the Basic User security level as assigned in SRP, those privileges are not supported on computers running that support AppLocker.</p>
+<b>Note</b><br/><p>If you are using the Basic User security level as assigned in SRP, those privileges are not supported on computers running that support AppLocker.</p>
 </div>
 <div>
 
diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/what-is-applocker.md b/windows/security/threat-protection/windows-defender-application-control/applocker/what-is-applocker.md
index 2ddcbb332e..eab62e36b7 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/what-is-applocker.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/what-is-applocker.md
@@ -119,7 +119,7 @@ The following table compares AppLocker to Software Restriction Policies.
 </tbody>
 </table>
 
-<strong>Application control function differences</strong>
+<b>Application control function differences</b>
 
 The following table compares the application control functions of Software Restriction Policies (SRP) and AppLocker.
 <table>
@@ -141,7 +141,7 @@ The following table compares the application control functions of Software Restr
 <td align="left"><p>SRP policies can be applied to all Windows operating systems beginning with Windows XP and Windows Server 2003.</p></td>
 <td align="left"><p>AppLocker policies apply only to those supported operating system versions and editions listed in <a href="requirements-to-use-applocker.md" data-raw-source="[Requirements to use AppLocker](requirements-to-use-applocker.md)">Requirements to use AppLocker</a>. But these systems can also use SRP.</p>
 <div class="alert">
-<strong>Note</strong><br/><p>Use different GPOs for SRP and AppLocker rules.</p>
+<b>Note</b><br/><p>Use different GPOs for SRP and AppLocker rules.</p>
 </div>
 <div>
 

Cryptographic Module	Version (link to Security Policy)	FIPS Certificate #	Algorithms	Cryptographic Module	Version (link to Security Policy)	FIPS Certificate #	Algorithms
Cryptographic Primitives Library (BCRYPTPRIMITIVES.DLL)
Kernel Mode Cryptographic Primitives Library (cng.sys)	Kernel Mode Cryptographic Primitives Library (cng.sys)	6.2.9200	#1891	FIPS Approved algorithms: AES (Certs. #2197 and #2216); DRBG (Certs. #258 and #259); ECDSA (Cert. #341); HMAC (Cert. #1345); KAS (Cert. #36); KBKDF (Cert. #3); PBKDF (vendor affirmed); RNG (Cert. #1110); RSA (Certs. #1133 and #1134); SHS (Cert. #1903); Triple-DES (Cert. #1387) @@ -791,10 +791,10 @@ Validated Editions: Windows 7, Windows 7 SP1
Cryptographic Module	Version (link to Security Policy)	FIPS Certificate #	Algorithms	Cryptographic Module	Version (link to Security Policy)	FIPS Certificate #	Algorithms
Cryptographic Primitives Library (BCRYPTPRIMITIVES.DLL)
Cryptographic Module	Version (link to Security Policy)	FIPS Certificate #	Algorithms	Cryptographic Module	Version (link to Security Policy)	FIPS Certificate #	Algorithms
Boot Manager (bootmgr)