On Tue, Dec 11, 2007 at 04:00:42PM -0500, Leichter, Jerry wrote:
| It is, of course, the height of irony that the bug was introduced in
| the very process, and for the very purpose, of attaining FIPS
| compliance!
|
| But also to be expected, because the feature in question is
|
| It is, of course, the height of irony that the bug was introduced in
| the very process, and for the very purpose, of attaining FIPS
| compliance!
|
| But also to be expected, because the feature in question is
| unnatural: the software needs a testable PRNG to pass the compliance
| tests,
On Mon, 10 Dec 2007 11:27:10 -0500
Vin McLellan [EMAIL PROTECTED] wrote:
What does it say about the integrity of the FIPS program, and its
CMTL evaluation process, when it is left to competitors to point out
non-compliance of evaluated products -- proprietary or open source --
to basic
Vin McLellan wrote:
What does it say about the integrity of the FIPS program, and its CMTL
evaluation process, when it is left to competitors to point out
non-compliance of evaluated products -- proprietary or open source -- to
basic architectural requirements of the standard?
Enter
| What does it say about the integrity of the FIPS program, and its CMTL
| evaluation process, when it is left to competitors to point out
| non-compliance of evaluated products -- proprietary or open source --
| to basic architectural requirements of the standard?
I was going to ask the same