From owner-freebsd-current Mon Jun 26 13:29:55 2000 Delivered-To: freebsd-current@freebsd.org Received: from cypherpunks.ai (cypherpunks.ai [209.88.68.47]) by hub.freebsd.org (Postfix) with ESMTP id 4AC2C37BCAD; Mon, 26 Jun 2000 13:29:42 -0700 (PDT) (envelope-from jeroen@vangelderen.org) Received: from vangelderen.org (grolsch.ai [209.88.68.214]) by cypherpunks.ai (Postfix) with ESMTP id B36464D; Mon, 26 Jun 2000 16:29:37 -0400 (AST) Message-ID: <3957BD31.633CF3D2@vangelderen.org> Date: Mon, 26 Jun 2000 16:29:37 -0400 From: "Jeroen C. van Gelderen" X-Mailer: Mozilla 4.72 [en] (X11; I; Linux 2.2.12 i386) X-Accept-Language: en MIME-Version: 1.0 To: Mark Murray Cc: Kris Kennaway , freebsd-current@FreeBSD.ORG Subject: Re: HEADS UP! New (incomplete) /dev/random device! References: <200006260603.IAA20922@grimreaper.grondar.za> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Mark Murray wrote: > > > On Sun, 25 Jun 2000, Warner Losh wrote: > > > > > Some days is OK, imho. Much more than that and I'd begin to worry. > > > Much more than a week or two and I'd worry a lot. I'll go put a note > > > in updating right now. > > > > That's okay with me too. People should just not upgrade their work > > machines for the next few days until entropy is fixed. > > Upgrading is fine; just don't build certificates/credentials. Upgrading is *not* fine. Everything that uses high-quality randomness is broken. This includes SSH, PGP, GnuPG, Apache/SSL random pid generation and what not. No, upgrading is not fine at all. Cheers, Jeroen -- Jeroen C. van Gelderen o _ _ _ jeroen@vangelderen.org _o /\_ _ \\o (_)\__/o (_) _< \_ _>(_) (_)/<_ \_| \ _|/' \/ (_)>(_) (_) (_) (_) (_)' _\o_ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message