[13972] in cryptography@c2.net mail archive
Re: PRNG design document?
daemon@ATHENA.MIT.EDU (Ben Laurie)
Fri Aug 29 14:54:31 2003
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
Date: Fri, 29 Aug 2003 11:13:42 +0100
From: Ben Laurie <ben@algroup.co.uk>
To: tls@rek.tjls.com
Cc: cryptography@metzdowd.com
In-Reply-To: <20030826011500.GA27321@rek.tjls.com>
Thor Lancelot Simon wrote:
> On Fri, Aug 22, 2003 at 10:00:14AM -0700, Bob Baldwin PlusFive wrote:
>
>>Tim,
>> One issue to consider is whether the system
>>that includes the PRNG will ever need a FIPS-140-2
>>rating. For example, people are now working on
>>a FIPS-140 validation for OpenSSL. If so, then
>>the generator for keys and IVs MUST be a FIPS
>>approved algorithm, whether or not there are
>
>
> That's not quite right.
>
> 1) Various entities have already had various versions of
> OpenSSL FIPS-140-2 certified.
The validation is for the source of OpenSSL, and will be rolled into the
release, this is what is new.
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html http://www.thebunker.net/
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
