From owner-freebsd-arch@FreeBSD.ORG Fri Aug 9 17:38:25 2013
From: Mark R V Murray
To: Fabien Thomas
Cc: freebsd-arch@freebsd.org
Date: Fri, 9 Aug 2013 18:38:33 +0100
Subject: Re: random(4) plugin infrastructure for multiple RNG in a modular fashion
Message-Id: <3B3D9F96-DF69-4B53-B6AE-C9C39BDDC8D7@grondar.org>
List-Id: Discussion related to FreeBSD architecture

On 9 Aug 2013, at 08:46, Fabien Thomas wrote:

> I also think this is the best option to have as a default:
>
> - Keep a good software random
> - Add more sources of entropy at early boot
> - Don't trust HW random (keep it as one probed source of seed)
>
> User can choose to switch to pure HW random to replace SW.

I like! :-)

M
-- 
Mark R V Murray