Read the details, Tom. The AES CTR_DRBG from SP 800-90 is the default PRNG and the ECDRBG is an optional PRNG that can be configured by the user or selected by the calling application.
So why does MS have both if you "know" they only added it for "blind compliance" with the spec?
XPSP3 just adds support for SHA2 to both the core crypto and certificate validation APIs. It does not add support for ECC or for the ECC PRNG. The RNG on XPSP3 is virtually unchanged from XPSP2.
The TLS key derivation function is hard coded to use SHA-1 and MD5 and there is no way in TLS to specify requiring or denying specific key lengths, asymmetric algorithms or hash functions in the certs for client or server authentication.
Tom Selleck as a robotics expert cop trying to stop Gene Simmons (of KISS fame) from creating an army of killer robots. Throw in a young (and much thinner) Kirstie Alley and its one great flick. And the climactic scene at the ending rocks!
Slashdot Mirror
If you take time to actually read, it says "Titles more appropriate for younger readers are indicated with an asterix" (sic) at the top of the page.
Read the details, Tom. The AES CTR_DRBG from SP 800-90 is the default PRNG and the ECDRBG is an optional PRNG that can be configured by the user or selected by the calling application.
So why does MS have both if you "know" they only added it for "blind compliance" with the spec?
XPSP3 just adds support for SHA2 to both the core crypto and certificate validation APIs. It does not add support for ECC or for the ECC PRNG. The RNG on XPSP3 is virtually unchanged from XPSP2.
Definitely not true at all.
d f
The TLS key derivation function is hard coded to use SHA-1 and MD5 and there is no way in TLS to specify requiring or denying specific key lengths, asymmetric algorithms or hash functions in the certs for client or server authentication.
This paper from Bellovin and Rescorla covers the issues with TLS, SMIME and IPSEC:
http://www.cs.columbia.edu/~smb/papers/new-hash.p
You can answer this question in 5 seconds on Amazon or Google... Axelson wrote a book on USB development as well. Check it out here
Plus The Big U which was re-released a couple years ago after being super hard to find. Its his first book, and a great read.
The books he wrote with his uncle under the pseudonym Stephen Bury are Interface and The Cobweb.
Not that anyone else will read this far, but I did and I still didn't see my favorite underappreciated geek scifi movie:
Runaway
Tom Selleck as a robotics expert cop trying to stop Gene Simmons (of KISS fame) from creating an army of killer robots. Throw in a young (and much thinner) Kirstie Alley and its one great flick. And the climactic scene at the ending rocks!