Date: Thu, 2 Jul 2015 12:13:54 -0700 From: Adrian Chadd <adrian.chadd@gmail.com> To: "Simon J. Gerraty" <sjg@juniper.net> Cc: Mark R V Murray <markm@freebsd.org>, "src-committers@freebsd.org" <src-committers@freebsd.org>, "svn-src-all@freebsd.org" <svn-src-all@freebsd.org>, "svn-src-head@freebsd.org" <svn-src-head@freebsd.org>, amesh@juniper.net, Steve Kiernan <stevek@juniper.net> Subject: Re: svn commit: r284959 - in head: . share/man/man4 share/man/man9 sys/conf sys/dev/glxsb sys/dev/hifn sys/dev/random sys/dev/rndtest sys/dev/safe sys/dev/syscons sys/dev/ubsec sys/dev/virtio/random sy... Message-ID: <CAJ-Vmon1j47KFvwUKh1G3uY-HecLeNv9wYyZXvEYDnKoUMJzwg@mail.gmail.com> In-Reply-To: <322.1435863348@chaos> References: <201506301700.t5UH0jPq001498@svn.freebsd.org> <13981.1435792025@chaos> <5238A439-F25E-40F1-96D4-140460003982@FreeBSD.org> <22423.1435862187@chaos> <284B5FB4-F487-4FBA-ABE6-D163065AFD1B@FreeBSD.org> <322.1435863348@chaos>
next in thread | previous in thread | raw e-mail | index | archive | help
On 2 July 2015 at 11:55, Simon J. Gerraty <sjg@juniper.net> wrote: > Mark R V Murray <markm@freebsd.org> wrote: >> If so, can I confirm that you may be rolling your own non-Yarrow/Fortuna >> mixer(s)? > > AFAIK no mixer allowed; just direct SP800-90 compliant HMAC-DRBG. > You can probably guess why we don't agree that's a brilliant arrangement > but its not an argument we can win. > > Same would apply for anyone else doing FIPS 140 evaled products. Could we please get something like this implemented in upstream FreeBSD? I'm sure a number of vendors would like to see a (not by default) FIPS-140 random number generator provided. It'd certainly be a good check list item for people evaluating the use of freebsd in an appliance. Thanks, -a
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAJ-Vmon1j47KFvwUKh1G3uY-HecLeNv9wYyZXvEYDnKoUMJzwg>