No, like the title says, that is "NOT The Orange Book". Many (read all) of the people I worked with at WPAFB and the contractor sites were confused by the deluge that NCSC put out and called the Rainbow Series. In an attempt to give clues to the realities involved, I wrote the condensations and then wrapped a body around the skeleton formed by them. If one reads the information there, one will see that that is what it purports to be. NTOB is not a site, it is the title of the book (paper published with an orange cover, of course). ((I thought of using cyan (not.orange) but no one got the joke but the squints and precious few of them.) Of course, not having seen what Sandia was givn, I an only assume that DOD 5200.28-STD is what Sandia was given. It IS what was I was working from, along with the other toys put out by various governmental bodies. PHM bill payne wrote:
Monday 11/2/98 7:55 AM
PaulMerrill@ACM.Org
I looked at the orange book at NOT the Orange Book - http://www.jya.com/ntob.htm
NSA employee Tom White http://jya.com/nsasuit.txt got me a copy of I was told was THE NSA orange book for Sandias implementation of the NSA Benincasa nss/uso authentication algorithm..
The report I saw was concerned about implementation of cryptographic units.
Things like shielding, power filtering, red-black boundaries, shift register compromising signals, some software guidelines,.... The soft-cover report was mostly hardware-oriented.
What I see at jya.com is not the orange book Sandia was given.
bill payne
<<snip>>