RFC Errata
RFC 4086, "Randomness Requirements for Security", June 2005
Source of RFC: IETF - NON WORKING GROUPArea Assignment: sec
Errata ID: 3106
Status: Rejected
Type: Technical
Publication Format(s) : TEXT
Reported By: Florian Weimer
Date Reported: 2012-02-05
Rejected by: Sean Turner
Date Rejected: 2012-05-06
Section 4.4 says:
(see below)
It should say:
(remove entire section)
Notes:
Compression is not suitable for de-skewing, even if headers are removed. For most compression algorithms, discriminators are known. For instance, in gzip output, the most significant bit of each byte is set with a frequency somewhat above 0.501 (except for small inputs). This means that the output is not uniformly distributed even when looking at isolated bytes.
I recommend removal of the entire section.
--VERIFIER NOTES--
I agree with the author:
Just to be crystal clear, I believe there is no "error" here. Just a
judgement call as to whether Section 4.4 should have been included. My
judgement that it should be included was ratified by the IETF at the
time the RFC was approved.