BLU Discuss list archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Discuss] Good and Bad Crypto
- Subject: [Discuss] Good and Bad Crypto
- From: richard.pieri at gmail.com (Richard Pieri)
- Date: Thu, 24 Apr 2014 19:46:00 -0400
- In-reply-to: <li64n1jzx5e.fsf@panix5.panix.com>
- References: <14b5446b65314ece8402914040d7efb6@CO2PR04MB684.namprd04.prod.outlook.com> <5355DA7B.4070600@gmail.com> <53567FBD.4010101@gmail.com> <5356CDDB.2000506@gmail.com> <535705D7.1010203@gmail.com> <20140423155249.GO3247@dragontoe.org> <49d373ec082140dca299fecbb5067acd@CO2PR04MB684.namprd04.prod.outlook.com> <li64n1jzx5e.fsf@panix5.panix.com>
Mike Small wrote: > Btw. if having source code adds no value for verification, why do the > FIPS CMVP procedures ask for it for the "Design Assurance" part of their > review? > http://csrc.nist.gov/groups/STM/cmvp/documents/CMVPFAQ.pdf I'm surprised that nobody has chimed in on this one, yet, since quite a few of you have experienced ISO 9000 certification procedures. It's the same reason: documentation. Part of the validation process is examination of documents related to the product to ensure consistency with the submitted profiles. This includes comments in the source code. -- Rich P.
- References:
- [Discuss] Good and Bad Crypto
- From: blu at nedharvey.com (Edward Ned Harvey (blu))
- [Discuss] Good and Bad Crypto
- From: tmetro+blu at gmail.com (Tom Metro)
- [Discuss] Good and Bad Crypto
- From: richard.pieri at gmail.com (Richard Pieri)
- [Discuss] Good and Bad Crypto
- From: tmetro+blu at gmail.com (Tom Metro)
- [Discuss] Good and Bad Crypto
- From: richard.pieri at gmail.com (Richard Pieri)
- [Discuss] Good and Bad Crypto
- From: invalid at pizzashack.org (Derek Martin)
- [Discuss] Good and Bad Crypto
- From: blu at nedharvey.com (Edward Ned Harvey (blu))
- [Discuss] Good and Bad Crypto
- From: smallm at panix.com (Mike Small)
- [Discuss] Good and Bad Crypto
- Prev by Date: [Discuss] Heartbleed and UDP
- Next by Date: [Discuss] Good and Bad Crypto
- Previous by thread: [Discuss] Good and Bad Crypto
- Next by thread: [Discuss] Good and Bad Crypto
- Index(es):
