[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [saag] Algorithms/modes requested by users/customers

From: pgut001 at cs.auckland.ac.nz (Peter Gutmann)
To: mcgrew at cisco.com, rja at extremenetworks.com, saag at mit.edu
Date: Thu, 21 Feb 2008 00:36:39 +1300
In-reply-to: <C3E06DA4.4AB3%mcgrew at cisco.com>

mcgrew <mcgrew at cisco.com> writes:

>Winston Churchill said that democracy is the worst form of government, except
>for all of the others.  I think that the same is true for the FIPS-140
>cryptomodule validation process ;-)

I think it's more a case of the Politician's Fallacy:

1. Something must be done.
2. This is something.
3. This must be done.

It'd be interesting to see a study of the effectiveness in terms of finding
security and interop problems of:

A. A FIPS 140 eval.

B. Running the code through Fortify/Coverity/whatever and completing a crypto
   exchange with a peer (TLS, S/MIME, PGP, whatever the underlying crypto is
   that's being used).

in particular in terms of return for effort-involved.

Peter.

Follow-Ups:
- Re: [saag] Algorithms/modes requested by users/customers
  - From: Ben Laurie
- Re: [saag] Algorithms/modes requested by users/customers
  - From: mcgrew
- Re: [saag] Algorithms/modes requested by users/customers
  - From: Stephen Kent
- Re: [saag] Algorithms/modes requested by users/customers
  - From: Steven M. Bellovin

References:
- Re: [saag] Algorithms/modes requested by users/customers
  - From: mcgrew

Prev by Date: Re: [saag] Algorithms/modes requested by users/customers
Next by Date: Re: [saag] Algorithms/modes requested by users/customers
Previous by thread: Re: [saag] Algorithms/modes requested by users/customers
Next by thread: Re: [saag] Algorithms/modes requested by users/customers
Index(es):
- Date
- Thread

Note Well: Messages sent to this mailing list are the opinions of the senders and do not imply endorsement by the IETF.