Date: Sat, 10 Apr 2004 13:51:35 -0400 (EDT)
From: Robert Watson
To: Mark Murray
Cc: cvs-src@FreeBSD.org, src-committers@FreeBSD.org, cvs-all@FreeBSD.org, Colin Percival
Subject: Re: cvs commit: src/sys/modules/random Makefile src/sys/dev/random harvest.c hash.c hash.h nehemiah.c nehemiah.h probe.c randomdev.c randomdev.h randomdev_soft.c randomdev_soft.h yar

On Sat, 10 Apr 2004, Mark Murray wrote:

> Colin Percival writes:
> > Is there any reason we can't just have an rc.conf variable
> > entropy_trust_the_spooks = "YES"
> > which allows users to choose between optimal performance and
> > possible problems if the entropy source isn't as good as the
> > vendor claims?
>
> Sure, that is possible, but I have an aversion to building something
> that is too complicated, because sooner-or-later someone is going to
> stumble over a previously unthought-of combination and create an
> embarrassing incident. I'd rather keep it simple.

Sounds like what you need is RandomGraph so you can arbitrarily plug and
play processing on sources of entropy :-).

Robert N M Watson             FreeBSD Core Team, TrustedBSD Projects
robert@fledge.watson.org      Senior Research Scientist, McAfee Research