[CentOS] Elliptic curve on Centos 6.x
Adrian Sevcenco
Adrian.Sevcenco at cern.chFri Jan 3 11:36:02 UTC 2014
- Previous message: [CentOS] Elliptic curve on Centos 6.x
- Next message: [CentOS] Elliptic curve on Centos 6.x
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On 01/03/2014 01:15 PM, Karanbir Singh wrote: > On 01/03/2014 11:01 AM, Adrian Sevcenco wrote: >> i was just blew away by this: >> "What almost all commentators have missed is >> that hidden away in the small print (and subsequently confirmed by our >> specific query) is that if you want to be FIPS 140-2 compliant you MUST >> use the compromised points." >> >> i even don't have words to comment on this!!! > > I tweeted about this exact point a few minutes ago; given the way and > what is compromised in what manner, and then work back to what FIPS is, > it helps dilute the shock. a bit. but then who's got the funds and > resources to re-work the fips process with a new codebase ? Will Red Hat ? at this point i am thinking: why bother (with re-certification)? because of this (among other things) the trust in "fips process" or other "official" processes is in free fall.. IMHO underlying problem is not that a cipher/process/code was compromised but that the supervising _trustworthy_ entity is in fact not trustworthy at all! Adrian
- Previous message: [CentOS] Elliptic curve on Centos 6.x
- Next message: [CentOS] Elliptic curve on Centos 6.x
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list