Date: Tue, 18 Jul 2000 19:16:42 +0200 (CEST)
From: Paul Herman
To: Poul-Henning Kamp
Cc: Vadim Belman, current@FreeBSD.ORG
Subject: Re: randomdev entropy gathering is really weak
In-Reply-To: <10791.963939817@critter.freebsd.dk>

On Tue, 18 Jul 2000, Poul-Henning Kamp wrote:

> In message <20000718185841.B333@flow.isolve.dk>, Vadim Belman writes:
>
> > I mostly agree, but let's put it other way. A rare situation with a
> > local network with no external connection, no NTP servers. Just a server(s)
> > plus several clients. At least some of the clients are being treated as
> > untrusted (consider public terminals) and server has some critical
> > information on it.
>
> Nobody talked about relying on *only* NTP for entropy, quite the
> contrary in fact.

Just to quickly jump in (and out) here, I recall a thread that went on
for weeks in sci.crypt at the beginning of this year about the same
thing. Before you all reinvent the wheel (and make this thread any
longer), I would suggest sauntering on over to dejanews. For those who
were patient enough to get past the usual banter, it was quite
enlightening, indeed.

They certainly have more of a clue about these things than I would ever
hope to have. (Yes, they also talked about using NTP servers for
gathering entropy.)

-Paul.