From owner-freebsd-current Tue Jul 18 9:59:16 2000 Delivered-To: freebsd-current@freebsd.org Received: from flow.isolve.dk (flow.isolve.dk [195.249.214.175]) by hub.freebsd.org (Postfix) with ESMTP id 7FE8D37B677 for ; Tue, 18 Jul 2000 09:59:09 -0700 (PDT) (envelope-from voland@flow.isolve.dk) Received: (from voland@localhost) by flow.isolve.dk (8.9.3/8.9.3) id SAA03645 for current@FreeBSD.ORG; Tue, 18 Jul 2000 18:58:41 +0200 (CEST) (envelope-from voland) Date: Tue, 18 Jul 2000 18:58:41 +0200 From: Vadim Belman To: current@FreeBSD.ORG Subject: Re: randomdev entropy gathering is really weak Message-ID: <20000718185841.B333@flow.isolve.dk> Mail-Followup-To: current@FreeBSD.ORG References: <20000718183329.A333@flow.isolve.dk> <10659.963938620@critter.freebsd.dk> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.4i In-Reply-To: <10659.963938620@critter.freebsd.dk>; from phk@critter.freebsd.dk on Tue, Jul 18, 2000 at 06:43:40PM +0200 Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Tue, Jul 18, 2000 at 06:43:40PM +0200, Poul-Henning Kamp wrote: > > And what if no network at all? > > Your need for random bits are quite a bit less urgent in that case. > > Remember: This is not about getting industry strength unbeatable > crypto. If you want that, you buy a hardware solution. > > This is about making a FreeBSD machine as good as we can in the > standard case. I mostly agree, but let's put it other way. A rare situation with a local network with no external connection, no NTP servers. Just a server(s) plus several clients. At least some of the clients are being treated as untrusted (consider public terminals) and server has some critical information on it. -- /Voland Vadim Belman To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message