Rick Moen via luv-main writes:
>> But if you stay clear of the particular NIST EC option, then other EC
>> options are okay.
>
> Well, that's the interesting question, isn't it? It's not at all clear
> that such are OK. (Please see links.) Much has necessarily been cast
> into doubt.
My (armchair, inexpert) impression is that this isn't a reasonable
inference.
It'd be like saying "the wheel feel off my bicycle, therefore all
wheeled vehicles are suspect".
> For me specifically as opposed to most people here, the subversion of
> NIST was particularly irritating because it's funded by _my_ tax
> dollars. ('Their recommendtions' were seemingly fed to them by No Such
> Agency -- and NIST had the abysmal judgement to accept same uncritically.)
You may also wish to be angry about more broadly, about
https://en.wikipedia.org/wiki/FIPS_140-2#Reception
http://opensslrampage.org/post/83555615721/the-future-or-lack-thereof-of-libressls-fips
You may also wish to be angry about the slow takeup of IPSec.
ISTR rumours of the NSA filibustering the design committee,
with the goal of making it so painful to use that most people wouldn't bother.
Mission accomplished.
_______________________________________________
luv-main mailing list
[email protected]
https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-main
