Re: [dsfjdssdfsd] specifying an RNG
Michael Hammer <michael.hammer@yaanatech.com> Fri, 15 November 2013 18:41 UTC
Return-Path: <michael.hammer@yaanatech.com>
X-Original-To: dsfjdssdfsd@ietfa.amsl.com
Delivered-To: dsfjdssdfsd@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2F05F11E80F5 for <dsfjdssdfsd@ietfa.amsl.com>; Fri, 15 Nov 2013 10:41:06 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.247
X-Spam-Level:
X-Spam-Status: No, score=-2.247 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, SARE_SUB_11CONS_WORD=0.352]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id poN0HGRIs2ZZ for <dsfjdssdfsd@ietfa.amsl.com>; Fri, 15 Nov 2013 10:41:02 -0800 (PST)
Received: from email1.corp.yaanatech.com (webmail10.yaanatech.com [63.128.177.10]) by ietfa.amsl.com (Postfix) with ESMTP id 23D6B21F9E4F for <dsfjdssdfsd@ietf.org>; Fri, 15 Nov 2013 10:41:02 -0800 (PST)
Received: from SC9-EX2K10MB1.corp.yaanatech.com ([fe80::149d:c2e1:8065:2a47]) by ex2k10hub1.corp.yaanatech.com ([::1]) with mapi id 14.01.0218.012; Fri, 15 Nov 2013 10:41:01 -0800
From: Michael Hammer <michael.hammer@yaanatech.com>
To: "yaronf.ietf@gmail.com" <yaronf.ietf@gmail.com>, "jsalowey@cisco.com" <jsalowey@cisco.com>
Thread-Topic: [dsfjdssdfsd] specifying an RNG
Thread-Index: AQHO4cdQpAJwDq2KTky44PY2jRF3GJonEL+AgAADwACAAANegP//iEkg
Date: Fri, 15 Nov 2013 18:40:59 +0000
Message-ID: <00C069FD01E0324C9FFCADF539701DB3BBEFB27D@sc9-ex2k10mb1.corp.yaanatech.com>
References: <f1fa93561577c1866315495de82b5437.squirrel@www.trepanning.net> <5286580F.3050105@gmail.com> <573A5C4A-290D-4942-A113-B7E4315E9198@cisco.com> <52865E07.6020105@gmail.com>
In-Reply-To: <52865E07.6020105@gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
x-originating-ip: [10.17.100.231]
Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg="SHA1"; boundary="----=_NextPart_000_0023_01CEE208.51358200"
MIME-Version: 1.0
Cc: "dsfjdssdfsd@ietf.org" <dsfjdssdfsd@ietf.org>, "dharkins@lounge.org" <dharkins@lounge.org>
Subject: Re: [dsfjdssdfsd] specifying an RNG
X-BeenThere: dsfjdssdfsd@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "The dsfjdssdfsd list provides a venue for discussion of randomness in IETF protocols, for example related to updating RFC 4086." <dsfjdssdfsd.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dsfjdssdfsd>, <mailto:dsfjdssdfsd-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dsfjdssdfsd>
List-Post: <mailto:dsfjdssdfsd@ietf.org>
List-Help: <mailto:dsfjdssdfsd-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dsfjdssdfsd>, <mailto:dsfjdssdfsd-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 15 Nov 2013 18:41:06 -0000
I was wondering if the output would be a combination of a Ten Commandments and Roadmap. (Note, ten is not a magic number) The first part identifying the most common mistakes to avoid and what approaches help to avoid that. The second part pointing to organizations or bodies of work that can be referenced to dive deeper. Mike -----Original Message----- From: dsfjdssdfsd-bounces@ietf.org [mailto:dsfjdssdfsd-bounces@ietf.org] On Behalf Of Yaron Sheffer Sent: Friday, November 15, 2013 12:47 PM To: Joseph Salowey (jsalowey) Cc: <dsfjdssdfsd@ietf.org>; Dan Harkins Subject: Re: [dsfjdssdfsd] specifying an RNG Works for me, including the caveat on adopting an already vetted RNG. Yaron On 11/15/2013 07:34 PM, Joseph Salowey (jsalowey) wrote: > > On Nov 15, 2013, at 9:21 AM, Yaron Sheffer <yaronf.ietf@gmail.com> > wrote: > >> Hi Dan, >> >> While I'm fully supportive of what you're out to achieve, I'm not clear on what it is :-) >> >> Option A: specify requirements for an RNG (must mix multiple sources of randomness, must survive state disclosure, the output must not reveal the internal state for a standard attacker model, etc.) >> > > [Joe] Yes > >> Option B1: specify the deterministic part of an RNG, i.e. the crypto algorithm. >> > > [Joe] Yes, except choose an exiting RNG and describe how to use it to meet requirements in A > >> Option B2: specify the deterministic part, as well as the randomness sources (I'm avoiding the E word...). >> > > [Joe] While this is somewhat out of scope we ought to provide whatever guidance we can so folks can avoid common implementation errors. I think there are useful recommendations we can make based on the list of issues posted on a different thread. > >> Option A is important but most of us don't like requirements documents... >> >> Option B1 is certainly fun, but traditionally such work has not been done in the IETF. In most cases we have recommended or adopted work done by other standards bodies or even individual cryptographers. >> >> Option B2 is IMHO too OS-specific to be useful. >> >> So which is it? >> >> Thanks, >> Yaron >> >> _______________________________________________ >> dsfjdssdfsd mailing list >> dsfjdssdfsd@ietf.org >> https://www.ietf.org/mailman/listinfo/dsfjdssdfsd > _______________________________________________ dsfjdssdfsd mailing list dsfjdssdfsd@ietf.org https://www.ietf.org/mailman/listinfo/dsfjdssdfsd
- [dsfjdssdfsd] specifying an RNG Dan Harkins
- Re: [dsfjdssdfsd] specifying an RNG Eric Burger
- Re: [dsfjdssdfsd] specifying an RNG Donald Eastlake
- Re: [dsfjdssdfsd] specifying an RNG Yaron Sheffer
- Re: [dsfjdssdfsd] specifying an RNG Joseph Salowey (jsalowey)
- Re: [dsfjdssdfsd] specifying an RNG Yaron Sheffer
- Re: [dsfjdssdfsd] specifying an RNG Michael Hammer
- Re: [dsfjdssdfsd] specifying an RNG Dan Harkins
- Re: [dsfjdssdfsd] specifying an RNG Russ Housley
- Re: [dsfjdssdfsd] specifying an RNG Russ Housley
- Re: [dsfjdssdfsd] specifying an RNG Dan Harkins