Date: Sat, 10 Apr 2004 13:51:35 -0400 (EDT) From: Robert Watson <rwatson@FreeBSD.org> To: Mark Murray <mark@grondar.org> Cc: Colin Percival <colin.percival@wadham.ox.ac.uk> Subject: Re: cvs commit: src/sys/modules/random Makefile src/sys/dev/random harvest.c hash.c hash.h nehemiah.c nehemiah.h probe.c randomdev.c randomdev.h randomdev_soft.c randomdev_soft.h yar Message-ID: <Pine.NEB.3.96L.1040410135042.73138H-100000@fledge.watson.org> In-Reply-To: <200404100859.i3A8xj0w066454@grimreaper.grondar.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 10 Apr 2004, Mark Murray wrote: > Colin Percival writes: > > Is there any reason we can't just have an rc.conf variable > > entropy_trust_the_spooks = "YES" > > which allows users to choose between optimal performance and > > possible problems if the entropy source isn't as good as the > > vendor claims? > > Sure, that is possible, but I have an aversion to building something > that is too complicated, because sooner-or-later someone is going to > stumble over a previously unthought-of combination and create an > embarrassing incident. I'd rather keep it simple. Sounds like what you need RandomGraph so you can arbitrarily plug and play processing on sources of entropy :-). Robert N M Watson FreeBSD Core Team, TrustedBSD Projects robert@fledge.watson.org Senior Research Scientist, McAfee Research
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.NEB.3.96L.1040410135042.73138H-100000>