[Cryptography] FIPS 140 testing hurting secure random bit generation
Salz, Rich
rsalz at akamai.com
Mon Nov 4 10:25:38 EST 2013
> I recommend just ignoring FIPS 140, it is such a waste of time and money.
This is often not an option if you want to sell your product to (parts of) the US Government.
On a related manner, I was recently told that IBM is "beginning to stop" getting its products Common Criteria certified.
/r$
--
Principal Security Engineer
Akamai Technology
Cambridge, MA
More information about the cryptography
mailing list