>> SP 800-152 > Don't forget to look at SP 800-130 in parallel.
> Overall, an endless list of requirements that may be useful as a barrier > to entry in the US Federal Government IT security market. > That's why I'm going. To try and trim the obstructive requirements. If we're building on-chip key management to secure on-chip things from other on-chip things, requiring a human 'officer' to bless keys, IDs and entities is an impassable barrier. That spec needs a lobotomy. Either it gets fixed, or we ignore it. So I'll try one pass at fixing it and if that doesn't work, we'll move on. _______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography