secure CRNGs and FIPS (Re: How important is FIPS 140-2 Level 1 cert?)
Matthias Bruestle
mbruestle at masktech.de
Mon Jan 8 06:48:55 EST 2007
Adam Back wrote:
> About the criticisms of Common Critera evaluation in general, I think
> why people complain it is a documentation exercise is because pretty
> much all it does ensure that it does what it says it does. So
> basically you have to enumerates threats, state what threats the
> system is designed to protect against, and which are out of scope.
>
> Then the rest of the documentation is just saying that in increasing
> detail, that you have not made mistakes in the design and
> specification and to some extent implementation.
CC has very good points. One of the best points is IMO the ST/PP concept
which encourages to think what to protect against what. And I do think
that most of the CC documents are helpful. But some, esp. these which
occupy the most paper, are IMO not worth their effort. These are the
low- and high-level design. They are meant to be the link between
specification and implementation, but I am sure that there are simpler
ways to show the link. And my experience is that these two documents do
not change the product in any way.
Matthias
--
Matthias Bruestle, Managing Director
Phone +49 (0) 91 19 55 14 91, Fax +49 (0) 91 19 55 14 97
MaskTech GmbH, Nordostpark 16, 90411 Nuernberg, Germany
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list