[12992] in cryptography@c2.net mail archive
Re: Via puts RNGs on new processors
daemon@ATHENA.MIT.EDU (t.c.jones@att.net)
Wed Apr 9 11:22:03 2003
X-Original-To: cryptography@wasabisystems.com
X-Original-To: cryptography@wasabisystems.com
From: t.c.jones@att.net
To: pgut001@cs.auckland.ac.nz (Peter Gutmann)
Cc: don@mit.edu, cryptography@wasabisystems.com
Date: Wed, 09 Apr 2003 03:40:31 +0000
The POST is really the wrong place to put it. Nothing reads the POST data -
it is not std across anything. And the O/S is the code that is validated for
NIST. So the o/s would need to re-run the validation in any case. ..tom
> t.c.jones@att.net writes:
>
> >FIPS certification requires a certain miminal tests of RNG functionality
> >every time the process is started.
>
> Presumably we'd see this as a standard part of the POST (power-on self-test)
> option in Nehemiah-aware BIOSes, just as various other CPU-specific features
> are managed by specific BIOSes. There'd also be a "Continue anyway if TRNG
> test fails" option, enabled by default so as not to inconvenience users.
>
> Peter.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com
