[Cryptography] SP800-90A B & C
David Johnston
dj at deadhat.com
Sun Nov 10 16:22:31 EST 2013
On 11/10/2013 12:09 PM, Watson Ladd wrote:
> On Fri, Nov 8, 2013 at 2:10 PM, David Johnston <dj at deadhat.com> wrote:
>> For those with insomnia issues, I have submitted public comments to NIST
>> against SP800-90A, B and C.
>>
> I disagree with some of these comments, and agree with others, but I
> think it would be productive to have a broader discussion of the
> issues you raise (modulo
> editorial foibles)
>
A good standards process is iterative and convergent. So comments can be
discussed and resolved before the standard is updated.
Unfortunately the NIST process looks nothing like a normal standard process.
Some of my comments were about the way the spec and FIPS make it hard to
add multiple sources. I would like to enable users to add their own
trusted sources so they can ensure randomness is robust.
More information about the cryptography
mailing list