Re: towards https everywhere and strict transport security (was: Has there been a change in US banking regulations recently?)

2010-08-27 Thread Richard Salz
(For what it's worth, I find your style of monocase and ellipses so incredibly difficult to read that I usually delete your postings unread.) as previously mentioned, somewhere back behind everything else ... there is strong financial motivation in the sale of the SSL domain name digital

Re: questions about RNGs and FIPS 140

2010-08-27 Thread Thomas
Hello. Am Donnerstag 26 August 2010 12:25:55 schrieb Jerry Leichter: [...] 4) What about VMs? Rolling back a deterministic RNG on those systems gives the same values unless/until you re-seed with something new to this iteration I'm not sure what you mean by rolling back. Yes, if you

Re: questions about RNGs and FIPS 140

2010-08-27 Thread Thor Lancelot Simon
On Fri, Aug 27, 2010 at 07:20:06PM +1200, Peter Gutmann wrote: No. If you choose your eval lab carefully you can sneak in a TRNG somewhere as input to your PRNG, but you can't get a TRNG certified, and if you're unlucky you won't be allowed to use a TRNG at all. I am surprised you'd have