Re: [dsfjdssdfsd] Any plans for drafts or discussions on here?

"Dan Harkins" <dharkins@lounge.org> Wed, 22 January 2014 23:36 UTC

Return-Path: <dharkins@lounge.org>
X-Original-To: dsfjdssdfsd@ietfa.amsl.com
Delivered-To: dsfjdssdfsd@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7FEA21A0511 for <dsfjdssdfsd@ietfa.amsl.com>; Wed, 22 Jan 2014 15:36:03 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.867
X-Spam-Level:
X-Spam-Status: No, score=-3.867 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, IP_NOT_FRIENDLY=0.334, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id D9K7PNaiuV4W for <dsfjdssdfsd@ietfa.amsl.com>; Wed, 22 Jan 2014 15:36:02 -0800 (PST)
Received: from colo.trepanning.net (colo.trepanning.net [69.55.226.174]) by ietfa.amsl.com (Postfix) with ESMTP id 145541A051F for <dsfjdssdfsd@ietf.org>; Wed, 22 Jan 2014 15:36:02 -0800 (PST)
Received: from www.trepanning.net (localhost [127.0.0.1]) by colo.trepanning.net (Postfix) with ESMTP id 34D0E10224008; Wed, 22 Jan 2014 15:36:01 -0800 (PST)
Received: from 205.201.168.123 (SquirrelMail authenticated user dharkins@lounge.org) by www.trepanning.net with HTTP; Wed, 22 Jan 2014 15:36:01 -0800 (PST)
Message-ID: <5a5cccde75afefd7dee966083f641293.squirrel@www.trepanning.net>
In-Reply-To: <9CEB58EF-1102-458A-A215-AE4822C60FEE@vpnc.org>
References: <52DD996F.3040708@cs.tcd.ie> <CAF4+nEHEWaSr3HMuGtQ=vQzuuhkTo2uNpedUTNgmT5NsWRsTfA@mail.gmail.com> <30316745-8091-46AD-95A1-407757489FF9@vpnc.org> <e309a1b8c4a77ce1da4adfab1fc1db37.squirrel@www.trepanning.net> <F6B381C1-089D-4723-9A2C-7937C6C74EFB@vpnc.org> <eaa6cc3f162888d40834d61907256a26.squirrel@www.trepanning.net> <7F55125F-1669-4A36-A4A5-C1655CDCE77A@vpnc.org> <ebd5a19a1b00035e1493f019b5ca09e7.squirrel@www.trepanning.net> <9CEB58EF-1102-458A-A215-AE4822C60FEE@vpnc.org>
Date: Wed, 22 Jan 2014 15:36:01 -0800 (PST)
From: "Dan Harkins" <dharkins@lounge.org>
To: "Paul Hoffman" <paul.hoffman@vpnc.org>
User-Agent: SquirrelMail/1.4.14 [SVN]
MIME-Version: 1.0
Content-Type: text/plain;charset=iso-8859-1
Content-Transfer-Encoding: 8bit
X-Priority: 3 (Normal)
Importance: Normal
Cc: dsfjdssdfsd@ietf.org
Subject: Re: [dsfjdssdfsd] Any plans for drafts or discussions on here?
X-BeenThere: dsfjdssdfsd@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "The dsfjdssdfsd list provides a venue for discussion of randomness in IETF protocols, for example related to updating RFC 4086." <dsfjdssdfsd.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dsfjdssdfsd>, <mailto:dsfjdssdfsd-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dsfjdssdfsd/>
List-Post: <mailto:dsfjdssdfsd@ietf.org>
List-Help: <mailto:dsfjdssdfsd-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dsfjdssdfsd>, <mailto:dsfjdssdfsd-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 22 Jan 2014 23:36:03 -0000

On Wed, January 22, 2014 2:15 pm, Paul Hoffman wrote:
> On Jan 22, 2014, at 12:29 PM, Dan Harkins <dharkins@lounge.org> wrote:
>
>> On Wed, January 22, 2014 11:16 am, Paul Hoffman wrote:
>>  I'm still hoping that an Informational RFC on a good DRBG will be
>> generated.
>
> In your mind, who is the intended reader? Implementers of the good DRBG in
> an OS, or in an application, or both?

  If an OS developer feels he needs a DRBG then, yes, this would be for
him. And depending on the application, yes this would be for that
developer too.

>>>> The more people that implement anything will increase the probability
>>>> of
>>>> a broken implementation somewhere, I definitely agree. But it is an
>>>> accepted
>>>> economic truth that relying on a single source for anything is a bad
>>>> idea.
>>>
>>> That seems like a strawman: who says that there is a "single source" of
>>> ideas for how to implement randomness? Three large server OSs (Linux,
>>> FreeBSD, Windows) all do it differently.
>>
>>  The single source is "your OS".
>
> Ah, got it. Are you saying "if you are going to re-implement crypto
> primitives and not trust your OS, and one of the ones you are
> re-implementing is the DBRG, here is a best practice for how to do it"?

  It's not necessarily that you don't trust the OS, it's that you don't trust
that to be your sole source.

  Dan.