On Mon, 10 Dec 2007 11:27:10 -0500
Vin McLellan <[EMAIL PROTECTED]> wrote:
>
> What does it say about the integrity of the FIPS program, and its
> CMTL evaluation process, when it is left to competitors to point out
> non-compliance of evaluated products -- proprietary or open source --
> to basic architectural requirements of the standard?
>
"Integrity" or "ability"? We all know that finding problems in code or
architecture is *very* hard.
--Steve Bellovin, http://www.cs.columbia.edu/~smb
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
