Re: [dsfjdssdfsd] specifying an RNG

["Joseph Salowey (jsalowey)" <jsalowey@cisco.com>]

On Nov 15, 2013, at 9:21 AM, Yaron Sheffer <yaronf.ietf@gmail.com>
 wrote:

> Hi Dan,
> 
> While I'm fully supportive of what you're out to achieve, I'm not clear on what it is :-)
> 
> Option A: specify requirements for an RNG (must mix multiple sources of randomness, must survive state disclosure, the output must not reveal the internal state for a standard attacker model, etc.)
> 

[Joe] Yes

> Option B1: specify the deterministic part of an RNG, i.e. the crypto algorithm.
> 

[Joe] Yes, except choose an exiting RNG and describe how to use it to meet requirements in A

> Option B2: specify the deterministic part, as well as the randomness sources (I'm avoiding the E word...).
> 

[Joe] While this is somewhat out of scope we ought to provide whatever guidance we can so folks can avoid common implementation errors.  I think there are useful recommendations we can make based on the list of issues posted on a different thread. 

> Option A is important but most of us don't like requirements documents...
> 
> Option B1 is certainly fun, but traditionally such work has not been done in the IETF. In most cases we have recommended or adopted work done by other standards bodies or even individual cryptographers.
> 
> Option B2 is IMHO too OS-specific to be useful.
> 
> So which is it?
> 
> Thanks,
>     Yaron
> 
> _______________________________________________
> dsfjdssdfsd mailing list
> dsfjdssdfsd@ietf.org
> https://www.ietf.org/mailman/listinfo/dsfjdssdfsd