[148116] in cryptography@c2.net mail archive
Re: [Cryptography] SP800-90A B & C
daemon@ATHENA.MIT.EDU (dj@deadhat.com)
Mon Nov 11 17:45:13 2013
X-Original-To: cryptography@metzdowd.com
In-Reply-To: <F299418B-E187-435F-A8BC-C9E7397BF23B@gmail.com>
Date: Mon, 11 Nov 2013 21:22:09 -0000
From: dj@deadhat.com
To: "Cryptography" <cryptography@metzdowd.com>
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
>
> I'm still not sure where we run into problems with (a) (there's some 140-2
> guidance that requires callers of RNGs to be authenticated at higher
> validation levels--that may cause problems), and at least so far I don't
> have an actual example of a FIPS lab refusing to allow a 90A DRBG to use
> additional input from an off-module unauthenticated source, (if you have
> one, please let me know) but I think this is something we can address in
> guidance on 90A.
>
My comments point to the source of the problem being in the spec and ask
for resolution with specificity.
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
