BLU Discuss list archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Discuss] Good and Bad Crypto
- Subject: [Discuss] Good and Bad Crypto
- From: richard.pieri at gmail.com (Richard Pieri)
- Date: Wed, 23 Apr 2014 17:06:08 -0400
- In-reply-to: <li6fvl3ye8a.fsf@panix5.panix.com>
- References: <20140423174046.GP3247@dragontoe.org> <53580798.6040309@gmail.com> <li6zjjbyi3c.fsf@panix5.panix.com> <535813B2.5030401@gmail.com> <li6fvl3ye8a.fsf@panix5.panix.com>
Mike Small wrote: > So this is kind of what troubles me in the line this thread has taken > re. checking that the encryption algorithms are well chosen and > implemented correctly. That's why the world trusts the cryptographic module in OpenSSL: it's been examined and confirmed to be implemented correctly where "correctly" is "what FIPS 140-2 says is correct". Microsoft's cryptographic library has undergone the same certification so I can say that it is implemented correctly to the same "what FIPS 140-2 says is correct". The world (and I) don't have the same trust for the GnuTLS cryptographic module because it doesn't have that certification. Heartbleed is something else entirely. It's not a failure to implement an algorithm properly. It's a stupid little hack to work around slow malloc() calls. -- Rich P.
- Follow-Ups:
- [Discuss] Good and Bad Crypto
- From: smallm at panix.com (Mike Small)
- [Discuss] Good and Bad Crypto
- References:
- [Discuss] Good and Bad Crypto
- From: invalid at pizzashack.org (Derek Martin)
- [Discuss] Good and Bad Crypto
- From: richard.pieri at gmail.com (Richard Pieri)
- [Discuss] Good and Bad Crypto
- From: smallm at panix.com (Mike Small)
- [Discuss] Good and Bad Crypto
- From: richard.pieri at gmail.com (Richard Pieri)
- [Discuss] Good and Bad Crypto
- From: smallm at panix.com (Mike Small)
- [Discuss] Good and Bad Crypto
- Prev by Date: [Discuss] Good and Bad Crypto
- Next by Date: [Discuss] Good and Bad Crypto
- Previous by thread: [Discuss] Good and Bad Crypto
- Next by thread: [Discuss] Good and Bad Crypto
- Index(es):