If a vendor backdoors a product, and it is discovered by a researcher. Why would an org EVER trust that vendor again?
@bertjwregeer so 2 documents/requirements would show that ultimately? can you send me links?
-
-
@attritionorg nope, this is not a public project. -
@bertjwregeer FIPS-140 is public... no? -
@attritionorg yes, but the contract requiring rsa's bsafe implementation of fips 140 crypto is not public. -
@bertjwregeer that contract from the gov? if so, maybe open to FOIA? -
@attritionorg I wish it was open to scrutiny. Most of the requirements are insane/stupid and make no sense! -
@bertjwregeer i have no doubt .gov bureaucracy has created that exact situation. would love to see it exposed
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.