[CentOS] Can we trust RedHAt encryption tools?
Robert Moskowitz
rgm at htt-consult.com
Thu Jan 9 22:37:03 UTC 2014
On 01/09/2014 05:28 PM, John R Pierce wrote:
> On 1/9/2014 2:20 PM, Eero Volotinen wrote:
>> It might be easier to compromise security of commercial products as source
>> code is not available.
> they seem to have succeeded in compromising STANDARDS and ALGORITHMS, to
> heck with implementations.
Only algorithm they compromised was an RNG that got pretty strong thumbs
down from the real cryptographers. They have not compromised any IETF
standard; maybe kept quite about a problem, but have not put holes in
any. Most of our problems with TLS is implementations and backwards
compatiblity options.
More information about the CentOS
mailing list