Re: [saag] Algorithms/modes requested by users/customers
pgut001@cs.auckland.ac.nz (Peter Gutmann) Thu, 06 March 2008 05:38 UTC
Received: from fort-point-station.mit.edu (FORT-POINT-STATION.MIT.EDU [18.7.7.76]) by pch.mit.edu (8.13.6/8.12.8) with ESMTP id m265cEpW027642 for <saag@PCH.mit.edu>; Thu, 6 Mar 2008 00:38:15 -0500
Received: from mit.edu (M24-004-BARRACUDA-1.MIT.EDU [18.7.7.111]) by fort-point-station.mit.edu (8.13.6/8.9.2) with ESMTP id m265c360012830 for <saag@mit.edu>; Thu, 6 Mar 2008 00:38:03 -0500 (EST)
Received: from mailhost.auckland.ac.nz (curly.its.auckland.ac.nz [130.216.12.33]) by mit.edu (Spam Firewall) with ESMTP id 00D917E7152 for <saag@mit.edu>; Thu, 6 Mar 2008 00:38:01 -0500 (EST)
Received: from localhost (localhost.localdomain [127.0.0.1]) by mailhost.auckland.ac.nz (Postfix) with ESMTP id 01C9F9C693; Thu, 6 Mar 2008 18:38:00 +1300 (NZDT)
Received: from mailhost.auckland.ac.nz ([127.0.0.1]) by localhost (curly.its.auckland.ac.nz [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id aBfO28U-kvwx; Thu, 6 Mar 2008 18:37:59 +1300 (NZDT)
Received: from iris.cs.auckland.ac.nz (iris.cs.auckland.ac.nz [130.216.33.152]) by mailhost.auckland.ac.nz (Postfix) with ESMTP id 5D4019C68A; Thu, 6 Mar 2008 18:37:58 +1300 (NZDT)
Received: from wintermute01.cs.auckland.ac.nz (wintermute01.cs.auckland.ac.nz [130.216.34.38]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by iris.cs.auckland.ac.nz (Postfix) with ESMTP id 0221419EC0B8; Thu, 6 Mar 2008 18:37:58 +1300 (NZDT)
Received: from pgut001 by wintermute01.cs.auckland.ac.nz with local (Exim 4.63) (envelope-from <pgut001@wintermute01.cs.auckland.ac.nz>) id 1JX8nl-0005nH-Rl; Thu, 06 Mar 2008 18:37:57 +1300
From: pgut001@cs.auckland.ac.nz
To: pgut001@cs.auckland.ac.nz, rja@extremenetworks.com, SChokhani@cygnacom.com
In-Reply-To: <FAD1CF17F2A45B43ADE04E140BA83D483C50D9@scygexch1.cygnacom.com>
Message-Id: <E1JX8nl-0005nH-Rl@wintermute01.cs.auckland.ac.nz>
Sender: pgut001 <pgut001@cs.auckland.ac.nz>
Date: Thu, 06 Mar 2008 18:37:57 +1300
X-Spam-Score: 0.00
X-Spam-Flag: NO
X-Scanned-By: MIMEDefang 2.42
Cc: saag@mit.edu
Subject: Re: [saag] Algorithms/modes requested by users/customers
X-BeenThere: saag@mit.edu
X-Mailman-Version: 2.1.6
Precedence: list
List-Id: IETF Security Area Advisory Group <saag.mit.edu>
List-Unsubscribe: <http://mailman.mit.edu/mailman/listinfo/saag>, <mailto:saag-request@mit.edu?subject=unsubscribe>
List-Archive: <http://mailman.mit.edu/pipermail/saag>
List-Post: <mailto:saag@mit.edu>
List-Help: <mailto:saag-request@mit.edu?subject=help>
List-Subscribe: <http://mailman.mit.edu/mailman/listinfo/saag>, <mailto:saag-request@mit.edu?subject=subscribe>
X-List-Received-Date: Thu, 06 Mar 2008 05:38:15 -0000
"Santosh Chokhani" <SChokhani@cygnacom.com> writes: >I do not think this is a forum for negotiations. Absolutely, that's why I pointed out that I wasn't taking it as a price quote, more to make a point. >But, we will be happy to do FIPS testing for your product for Level 1 for >quoted price. > >As to algorithms, all FIPS approved algorithms need to be tested. And there's the rub, it's not just handing over $30K and getting back a coloured certificate, you need to get the algorithms certified, prepare a ton of paperwork, spend a considerable amount of time on this, and that's where the $100K all-up figure comes from. If I could simply hand over $30K and the source code *with no further effort or expense on my behalf* I'd jump at the chance. Just to show that I'm not trying to pick on Cygnacom here I'll make this an open offer to anyone: If I can hand you $30K and a copy of my source code and you can get me a FIPS 140 cert for it without me incurring any additional effort or expense, please get in touch. >Have you yourself participated in a FIPS evaluation or have you looked at the >NIST FIPS 140-2 DTR and FIPS 140-2 IG (i.e. Implementation Guidance) >available on the Web? Probably about half a dozen directly (+/- one or two, I haven't kept an exact tally), and been involved indirectly in about a dozen more via discussions with (and listening to complaining about :-) others going through the process. (Again, YMMV, I haven't kept an exact tally on the latter, and in some cases it was nothing more than "what did you guys do to get past ...?", and sympathising with them over problems). Peter.
- [saag] Algorithms/modes requested by users/custom… Randall Atkinson
- Re: [saag] Algorithms/modes requested by users/cu… Paul Hoffman
- Re: [saag] Algorithms/modes requested by users/cu… Randall Atkinson
- Re: [saag] Algorithms/modes requested by users/cu… Stephen Kent
- Re: [saag] Algorithms/modes requested by users/cu… Randall Atkinson
- Re: [saag] Algorithms/modes requested by users/cu… Paul Hoffman
- Re: [saag] Algorithms/modes requested by users/cu… Paul Hoffman
- Re: [saag] Algorithms/modes requested by users/cu… Jack Lloyd
- Re: [saag] Algorithms/modes requested by users/cu… Paul Hoffman
- Re: [saag] Algorithms/modes requested by users/cu… mcgrew
- Re: [saag] Algorithms/modes requested by users/cu… Stephen Kent
- Re: [saag] Algorithms/modes requested by users/cu… Jon Callas
- Re: [saag] Algorithms/modes requested by users/cu… Peter Gutmann
- Re: [saag] Algorithms/modes requested by users/cu… Peter Gutmann
- Re: [saag] Algorithms/modes requested by users/cu… Steven M. Bellovin
- Re: [saag] Algorithms/modes requested by users/cu… Peter Gutmann
- Re: [saag] Algorithms/modes requested by users/cu… Santosh Chokhani
- Re: [saag] Algorithms/modes requested by users/cu… Santosh Chokhani
- Re: [saag] Algorithms/modes requested by users/cu… Randall Atkinson
- Re: [saag] Algorithms/modes requested by users/cu… Santosh Chokhani
- Re: [saag] Algorithms/modes requested by users/cu… Randall Atkinson
- Re: [saag] Algorithms/modes requested by users/cu… Santosh Chokhani
- Re: [saag] Algorithms/modes requested by users/cu… Randall Atkinson
- Re: [saag] Algorithms/modes requested by users/cu… Santosh Chokhani
- Re: [saag] Algorithms/modes requested by users/cu… Jon Callas
- Re: [saag] Algorithms/modes requested by users/cu… Stephen Kent
- Re: [saag] Algorithms/modes requested by users/cu… mcgrew
- Re: [saag] Algorithms/modes requested by users/cu… Vishwas Manral
- Re: [saag] Algorithms/modes requested by users/cu… Peter Gutmann
- Re: [saag] Algorithms/modes requested by users/cu… Santosh Chokhani
- Re: [saag] Algorithms/modes requested by users/cu… Peter Gutmann
- Re: [saag] Algorithms/modes requested by users/cu… Santosh Chokhani
- Re: [saag] Algorithms/modes requested by users/cu… Stephen Kent
- Re: [saag] Algorithms/modes requested by users/cu… Peter Gutmann
- Re: [saag] Algorithms/modes requested by users/cu… Ben Laurie
- Re: [saag] Algorithms/modes requested by users/cu… Santosh Chokhani
- Re: [saag] Algorithms/modes requested by users/cu… Santosh Chokhani