
Re: RE: Safe Key Generation



Peter sent this to me off the list, but I would be very remiss if I did not
acknowledge the significant contribution that Entrust has made, even as a
Canadian company, in getting their product certified against the US FIPS
140-1 standard.

But unless I slept through something momentous, I never heard of a C2 version
of Windows 3.1 or Windows 95, for that matter.  Windows NT, yes, maybe, if
properly installed, although I don't believe Microsoft has received their
official NCSC certification yet (I may be wrong -- I know it is coming). 
And to the best of my knowledge, that certification goes out the Window (no
pun intended) as soon as you connect NT to a network.  And how many NT's do
you know of that are not connected to a network?

But my real point was, without some Truth in Advertising labeling of the
certificate or of each digital signature, how do you know?  And without
knowing, how can you really know how much credence to associate with any
particular digital signature?

Bob

>>> Peter Whittaker <pww@entrust.com> 07/02/97 05:21AM >>>
>At 10:08 AM -0700 7/1/97, Bob Jueneman wrote:
>>How many user key pairs do you know of that were generated on TCSEC-rated A1
>>systems using FIPS 140-1 rated level 4 cryptographic implementations?  None,
>>you say?  OK, how many key pairs do you know of that were at least generated
>>on a C2 rated system, using a FIPS 140-1 level 1 rated crypto?  Again,
>>virtually none, you say?

I missed the original post, so sorry for jumping in a post or two late.

Virtually none?  To be perfectly pedantic, you are probably right, given
that most people do not run a C2 version of Windows 3.1.  To be more
practical, the Entrust cryptomodule was FIPS 140-1 level 1 validated
under the C2 flavour of Windows 3.1.  Given that the cryptomodule code
is the same under C2 Windows and non-C2 Windows, then we can guess that
some significant fraction of Entrust signing key pairs were so generated
(guessing a significant fraction based on the idea that only some of the
non-C2 Windows boxes out there have been compromised).

pww