Masataka Ohta <[email protected]> writes:
> Hi, Hosnieh,
>
>> Do you think it will be relevant to this document or it can be
>> another informational document only discuss about the
>> vulnerabilities of cryptographic algorithms?
>
> As I said, it is a known vulnerability. That is, we don't
> need a generic new document very much.
>
> However, Snowden taught us that we must avoid any fancy
> cryptography strongly promoted by NIST, including all the
> EC related ones, which may be documented somewhere.
It is unclear to me that ECC as a generic technology is bad, although
any specific curves creates by NIST/NSA are certainly suspect.
Having said that, Dual-EC-DRBG is a Random Number Generator, not a Hash,
Public Key, or Cipher algorithm, and we don't use it in DNS for
anything, AFAIK.
> Masataka Ohta
-derek
--
Derek Atkins 617-623-3745
[email protected] www.ihtfp.com
Computer and Internet Security Consultant
_______________________________________________
DNSOP mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dnsop
