On 1/12/2011 6:48 AM, Mark H. Wood wrote:
Oh, now I'm curious. How do they test the randomness of a single sample? "1" is every bit as random (or nonrandom) as "0xdcb4a459f014617692d112f0942c89cb".
They don't validate the number itself; they validate that the method by which the number was claimed to be generated meets the requirements for randomness and that the number was in fact generated by the method by which it was claimed to be generated.
One way is to have an auditor present during an ISO 21188 root key ceremony. Typically, the auditor examines the videotape of the root key ceremony, the notarized log book, the signed statements of the signatory and lawyer witnesses, and if necessary, questions the signatory witnesses.
DS