Re: [saag] NIST requests comments on using ISO/IEC 19790:2012 as the U.S. Federal Standard for cryptographic modules

Jeffrey Walton <noloader@gmail.com> Sun, 13 September 2015 15:56 UTC

Return-Path: <noloader@gmail.com>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A4F751B40C9 for <saag@ietfa.amsl.com>; Sun, 13 Sep 2015 08:56:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.7
X-Spam-Level:
X-Spam-Status: No, score=0.7 tagged_above=-999 required=5 tests=[BAYES_50=0.8, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RYDZ90-xuDNR for <saag@ietfa.amsl.com>; Sun, 13 Sep 2015 08:56:29 -0700 (PDT)
Received: from mail-ig0-x22c.google.com (mail-ig0-x22c.google.com [IPv6:2607:f8b0:4001:c05::22c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 06A121B40BB for <saag@ietf.org>; Sun, 13 Sep 2015 08:56:29 -0700 (PDT)
Received: by igcrk20 with SMTP id rk20so72052912igc.1 for <saag@ietf.org>; Sun, 13 Sep 2015 08:56:28 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:reply-to:in-reply-to:references:date:message-id :subject:from:to:content-type; bh=ye7nvK6Y87QnhFUY2xFtpRsTWY42fIlxz+BGF+bz+jI=; b=Zhd48ajHWQeN5ifje9eE7f/+zbbyLqtMh524m+x8M/6D3Yel/tG1L57GOHCe3+j2TT fvdehM0Fe+dZsGEycM9GwD+5vo6jZJK8mAKJWEpt6v57j4YC/5KnNzVxru+zvrILPvh5 md6ofY5MpeghOzAzIaHDHQb4drEcvnLoG3BVJRe9RxBvflG8uqCuVzSDnEXRcpf/Aew/ Htj48dlJGGSQJsk9xAh6t7leHYz3u+jpJkvvbFEO2ebnm8UmvQZFu2LfeEeD7ZSgI5Uv SQ4uUlau+y7pO7kDVXPmLofKs9jW19+O8mlT3XgJ6ikpZgAeNKajsaYcWfxrNB3M/Mud SsIQ==
MIME-Version: 1.0
X-Received: by 10.50.61.243 with SMTP id t19mr11127322igr.22.1442159788359; Sun, 13 Sep 2015 08:56:28 -0700 (PDT)
Received: by 10.36.123.131 with HTTP; Sun, 13 Sep 2015 08:56:28 -0700 (PDT)
In-Reply-To: <55CE5A40.3090804@cs.tcd.ie>
References: <55CE5A40.3090804@cs.tcd.ie>
Date: Sun, 13 Sep 2015 11:56:28 -0400
Message-ID: <CAH8yC8n3Fmy7LxXPh6gDJv75-EhHu0Ac1R0wLsHetOQSTTg+BQ@mail.gmail.com>
From: Jeffrey Walton <noloader@gmail.com>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>, "saag@ietf.org" <saag@ietf.org>
Content-Type: text/plain; charset=UTF-8
Archived-At: <http://mailarchive.ietf.org/arch/msg/saag/jtCu55OsL4ua-d3DKe6cK-7CF9k>
Subject: Re: [saag] NIST requests comments on using ISO/IEC 19790:2012 as the U.S. Federal Standard for cryptographic modules
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: noloader@gmail.com
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/saag/>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 13 Sep 2015 15:56:30 -0000

> As an FYI, those of you who are interested in cryptographic
> module APIs would probably be interested in this. [1] (partly
> copied below.)
>
> I'm told the ISO spec is behind a paywall, but haven't gone
> to look and see if there's a version freely available, so
> it's hard to know what kind of change this might represent.
> If someone has more info on that it might be useful to
> share that here.
>
Sorry to dig up an old thread. I just came across an example that
might help with some concerns:
http://luca-giuzzi.unibs.it/corsi/Support/papers-cryptography/1619-2007-NIST-Submission.pdf.

It appears the IEEE prepared the document to avoid the Paywall
problems like the ISO/IEC suffers (or more correctly, users suffer).

The document used to be available at
http://grouper.ieee.org/groups/1619tmp/1619-2007-NIST-Submission.pdf,
but it appears the IEEE webmaster broke the links. Luckily its still
available in Italy.

Jeff