From owner-freebsd-arch@FreeBSD.ORG Fri Sep 6 16:10:07 2013 Return-Path: Delivered-To: freebsd-arch@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 0943FD6B; Fri, 6 Sep 2013 16:10:07 +0000 (UTC) (envelope-from sjg@juniper.net) Received: from co9outboundpool.messaging.microsoft.com (co9ehsobe002.messaging.microsoft.com [207.46.163.25]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id C49D72BA6; Fri, 6 Sep 2013 16:10:06 +0000 (UTC) Received: from mail180-co9-R.bigfish.com (10.236.132.225) by CO9EHSOBE025.bigfish.com (10.236.130.88) with Microsoft SMTP Server id 14.1.225.22; Fri, 6 Sep 2013 16:10:00 +0000 Received: from mail180-co9 (localhost [127.0.0.1]) by mail180-co9-R.bigfish.com (Postfix) with ESMTP id 009443A0260; Fri, 6 Sep 2013 16:10:00 +0000 (UTC) X-Forefront-Antispam-Report: CIP:66.129.224.53; KIP:(null); UIP:(null); IPV:NLI; H:P-EMF01-SAC.jnpr.net; RD:none; EFVD:NLI X-SpamScore: 2 X-BigFish: VPS2(zz1432Izz1f42h208ch1ee6h1de0h1fdah2073h1202h1e76h1d1ah1d2ah1fc6h1082kzzz2fh2a8h839hd25hf0ah1288h12a5h12a9h12bdh12e5h137ah139eh13b6h1441h14ddh1504h1537h162dh1631h1758h1898h18e1h1946h19b5h1ad9h1b0ah1b2fh1b88h1fb3h1d0ch1d2eh1d3fh1de2h1dfeh1dffh1e23h1fe8h1ff5h1155h) Received-SPF: pass (mail180-co9: domain of juniper.net designates 66.129.224.53 as permitted sender) client-ip=66.129.224.53; envelope-from=sjg@juniper.net; helo=P-EMF01-SAC.jnpr.net ; SAC.jnpr.net ; Received: from mail180-co9 (localhost.localdomain [127.0.0.1]) by mail180-co9 (MessageSwitch) id 1378483798230017_14605; Fri, 6 Sep 2013 16:09:58 +0000 (UTC) Received: from CO9EHSMHS021.bigfish.com (unknown [10.236.132.235]) by mail180-co9.bigfish.com (Postfix) with ESMTP id 339E194004C; Fri, 6 Sep 2013 16:09:58 +0000 (UTC) Received: from P-EMF01-SAC.jnpr.net (66.129.224.53) by CO9EHSMHS021.bigfish.com (10.236.130.31) with Microsoft SMTP Server (TLS) id 14.16.227.3; Fri, 6 Sep 2013 16:09:57 +0000 Received: from magenta.juniper.net (172.17.27.123) by P-EMF01-SAC.jnpr.net (172.24.192.21) with Microsoft SMTP Server (TLS) id 14.3.146.0; Fri, 6 Sep 2013 09:09:56 -0700 Received: from chaos.jnpr.net (chaos.jnpr.net [172.24.29.229]) by magenta.juniper.net (8.11.3/8.11.3) with ESMTP id r86G9tL40251; Fri, 6 Sep 2013 09:09:55 -0700 (PDT) (envelope-from sjg@juniper.net) Received: from chaos.jnpr.net (localhost [127.0.0.1]) by chaos.jnpr.net (Postfix) with ESMTP id A34385807E; Fri, 6 Sep 2013 09:09:55 -0700 (PDT) To: Warner Losh Subject: Re: random(4) plugin infrastructure for mulitple RNG in a modular fashion In-Reply-To: References: <20130816002625.GE76666@x96.org> <9B274F48-0C88-4117-BEAC-1A555772A3C5@grondar.org> <86a9kf733d.fsf@nine.des.no> <0C97B866-A169-4141-8368-AA7F5B5382F4@grondar.org> <861u5r71zi.fsf@nine.des.no> <892B11BD-396D-4F82-B97C-753F72CA494D@grondar.org> <86r4dr5j3p.fsf@nine.des.no> <4C1BD77C-8C6B-4044-9285-5978A3BC4B70@kientzle.com> <537622E1-F785-4BFA-B829-09DCDB484606@grondar.org> <932AB5CA-778E-438D-8FD3-8C0F29F3D117@kientzle.com> <20130823231808.GT94127@funkthat.com> <0ABD5A7F-D647-4958-92DB-79D277C9AE7C@grondar.org> Comments: In-reply-to: Warner Losh message dated "Fri, 06 Sep 2013 09:46:57 -0600." From: "Simon J. Gerraty" X-Mailer: MH-E 7.82+cvs; nmh 1.3; GNU Emacs 22.3.1 Date: Fri, 6 Sep 2013 09:09:55 -0700 Message-ID: <20130906160955.A34385807E@chaos.jnpr.net> MIME-Version: 1.0 Content-Type: text/plain X-OriginatorOrg: juniper.net X-FOPE-CONNECTOR: Id%0$Dn%*$RO%0$TLS%0$FQDN%$TlsDn% Cc: FreeBSD Security Team , Mark R V Murray , FreeBSD-arch Arch X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 06 Sep 2013 16:10:07 -0000 On Fri, 6 Sep 2013 09:46:57 -0600, Warner Losh writes: >Especially in light of the recent NSA revelations... I for one won't trust= > hardware random number generation... > >I find it interesting that earlier in the thread there was a desire by a ce= >rtain router company to fulfill the NSA's requirement that it use the rando= Be able to. I think we all prefer the idea of feeding entropy sources into a mixer like yarrow or even better fortuna.