Date: Thu, 6 Sep 2012 06:59:19 +1000 From: Peter Jeremy <peter@rulingia.com> To: Doug Barton <dougb@freebsd.org> Cc: freebsd-security@freebsd.org, freebsd-rc@freebsd.org Subject: Re: svn commit: r239598 - head/etc/rc.d Message-ID: <20120905205919.GD2654@aspire.rulingia.com> In-Reply-To: <504687E1.3060203@FreeBSD.org> References: <201208222337.q7MNbORo017642@svn.freebsd.org> <5043E449.8050005@FreeBSD.org> <1346638718.1140.573.camel@revolution.hippie.lan> <50451041.9070302@FreeBSD.org> <1346789717.1140.675.camel@revolution.hippie.lan> <504687E1.3060203@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--P+33d92oIH25kiaB Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On 2012-Sep-04 15:59:45 -0700, Doug Barton <dougb@freebsd.org> wrote: >I'm not sure I agree with that, since the combination of lower quality >input (the boilerplate) and higher quality (changing numbers) still >provides more bits to stir the pool with. Even though the average >quality is lower over the total number of bits I still think it's >probably more valuable to pump in the higher quantity given the internal >chewing that Yarrow does with the bits. I don't understand the point of feeding boilerplate into Yarrow. Yes, it will stir Yarrow's internal state but it does so in a predictable way so it doesn't add any entropy. On the downside, it doesn't appear to be possible to queue more than 4KB of input every 100msec - excess input is just discarded. This implies that feeding boilerplate into /dev/random just increases the probability that real entropy will be discarded. --=20 Peter Jeremy --P+33d92oIH25kiaB Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (FreeBSD) iEYEARECAAYFAlBHvScACgkQ/opHv/APuIeYAgCgkpswJECvg09j61VhF5I/xqjb IYwAn1/NGKekUCoF9/YkelwcLZDWDDNE =r7Cu -----END PGP SIGNATURE----- --P+33d92oIH25kiaB--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20120905205919.GD2654>