From owner-freebsd-audit Tue Nov 30 8: 7:27 1999
Delivered-To: freebsd-audit@freebsd.org
Received: from dozer.skynet.be (dozer.skynet.be [195.238.2.36])
    by hub.freebsd.org (Postfix) with ESMTP id 361C315941;
    Tue, 30 Nov 1999 08:06:53 -0800 (PST)
    (envelope-from root@foxbert.skynet.be)
Received: from foxbert.skynet.be (foxbert.skynet.be [195.238.1.45])
    by dozer.skynet.be (8.9.3/odie-relay-v1.0) with ESMTP id RAA14850;
    Tue, 30 Nov 1999 17:06:52 +0100 (MET)
Received: (from root@localhost)
    by foxbert.skynet.be (8.9.1/jovi-pop-2.1) id RAA11680;
    Tue, 30 Nov 1999 17:06:46 +0100 (MET)
Mime-Version: 1.0
X-Sender: blk@foxbert.skynet.be
Message-Id:
In-Reply-To: <19991130105241.A279@spirit.jaded.net>
References: <19991130105241.A279@spirit.jaded.net>
Date: Tue, 30 Nov 1999 17:05:59 +0100
To: Dan Moschuk
From: Brad Knowles
Subject: Re: cvs commit: src/sys/i386/conf files.i386 src/sys/kern kern_fork.c src/sys/libkern arc4random.c src/sys/sys libkern.h
Cc: Kris Kennaway , Dan Moschuk , Bruce Evans , Mike Smith , audit@FreeBSD.ORG, Warner Losh
Content-Type: text/plain; charset="us-ascii" ; format="flowed"
Sender: owner-freebsd-audit@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

At 10:52 AM -0500 1999/11/30, Dan Moschuk wrote:

> Right, but I think you miss the point. Yarrow WILL be reviewed by third
> parties whether it is in our kernel or not.

I think I understand that point. The point I was trying to make is that I feel that the FreeBSD audit project needs to have its own cryptographer/ultra-paranoid security aware programmer to review Yarrow immediately, and not only confirm that the crypto is using well-known algorithms, but also that all the other stuff is written in a sufficiently paranoid manner.

I'm not sure we can afford to wait for others (presumably including Schneier) to review Yarrow and give it a stamp of "I haven't been able to break or discover serious weaknesses yet" approval, which will presumably come years on down the line.
Although we need this too, we also have a more immediate need.

--
These are my opinions -- not to be taken as official Skynet policy
 ____________________________________________________________________
|o| Brad Knowles, Belgacom Skynet NV/SA |o|
|o| Systems Architect, News & FTP Admin Rue Col. Bourg, 124 |o|
|o| Phone/Fax: +32-2-706.11.11/12.49 B-1140 Brussels |o|
|o| http://www.skynet.be Belgium |o|
\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/
Unix is like a wigwam -- no Gates, no Windows, and an Apache inside.
Unix is very user-friendly. It's just picky who its friends are.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-audit" in the body of the message