Re: new /dev/random
From: Paul Rubin (//phr.cx_at_NOSPAM.invalid)
Date: 10/06/04
- Next message: Paul Tomkins: "That was my point exactly"
- Previous message: Anne & Lynn Wheeler: "Re: How can I act as a Certificate Authority (CA) with openssl ??"
- Maybe in reply to: Guy Macon: "Re: new /dev/random"
- Next in thread: Paul Rubin: "Re: new /dev/random"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 06 Oct 2004 14:08:20 -0700
Jean-Luc Cooke <jlcooke@engsoc.org> writes:
> My patch satifies all the assuptions the legacay /dev/random does since
> it keeps all the blocking behaviour and entropy estimation.
Your patch is pointless unless it has some concrete claim to improving
on the legacy system. The legacy system has a known bug. Why does
your patch duplicate the bug instead of fixing it?
> The recomendation that wdagner and team suggested "seed every compile of
> the RNG with some data from /dev/urandom at compile-time" is being looked
> at right now, I want to do it cleanly.
I think Bodo Moeller's suggestion of putting something into the boot
sequence is also worthwhile, though it falls outside the kernel. I'd
say it's cleanest to just put it into the bootup command line, e.g.
grub> kernel /vmlinuz randomiv=aa64c5313d01b3a2 ....
Alternatively, maybe it could go into the initrd image. This stuff is
outside my area though.
- Next message: Paul Tomkins: "That was my point exactly"
- Previous message: Anne & Lynn Wheeler: "Re: How can I act as a Certificate Authority (CA) with openssl ??"
- Maybe in reply to: Guy Macon: "Re: new /dev/random"
- Next in thread: Paul Rubin: "Re: new /dev/random"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
