At 12:36 AM +1300 2/21/08, Peter Gutmann wrote:
mcgrew <mcgrew at cisco.com> writes:Winston Churchill said that democracy is the worst form of government, except for all of the others. I think that the same is true for the FIPS-140 cryptomodule validation process ;-)I think it's more a case of the Politician's Fallacy: 1. Something must be done. 2. This is something. 3. This must be done. It'd be interesting to see a study of the effectiveness in terms of finding security and interop problems of:
since I and others have pointed out several times that FIPS 140 eval has nothing to do with protocol interoperability, the reference to "interoo" above must be viewed purely within the context of crypto algorithms and modes thereof.
A. A FIPS 140 eval. B. Running the code through Fortify/Coverity/whatever and completing a crypto exchange with a peer (TLS, S/MIME, PGP, whatever the underlying crypto is that's being used). in particular in terms of return for effort-involved. Peter.
FIPS 140 encompasses both hardware and software implementations of crypto modules. I see its greatest benefits in the context of the former. The process described above does not address hardware security module eval at all.
Steve
Note Well: Messages sent to this mailing list are the opinions of the senders and do not imply endorsement by the IETF.