Yeah that's the one. It has to be FIPS 140-2 compliant or approved by NSA. Outside Type 1 devices or FIPS Level 3-4, both of those seem to suck in practice for security. One way or another, it doesn't get unless they approve it.
Edit to add: That covers the small selection of patents NSA licensed for use in their implementations (esp FIPS 140-2 products). There's around a hundred more of unknown effect. I'd love to see a detailed breakdown of those and risk posed in various ECC use cases.
Yeah that's the one. It has to be FIPS 140-2 compliant or approved by NSA. Outside Type 1 devices or FIPS Level 3-4, both of those seem to suck in practice for security. One way or another, it doesn't get unless they approve it.
Edit to add: That covers the small selection of patents NSA licensed for use in their implementations (esp FIPS 140-2 products). There's around a hundred more of unknown effect. I'd love to see a detailed breakdown of those and risk posed in various ECC use cases.