From owner-freebsd-current  Sun Jul 23  0:33:54 2000
Delivered-To: freebsd-current@freebsd.org
Received: from grimreaper.grondar.za (grimreaper.grondar.za [196.7.18.138])
	by hub.freebsd.org (Postfix) with ESMTP
	id E0B0937B9AD; Sun, 23 Jul 2000 00:33:46 -0700 (PDT)
	(envelope-from mark@grondar.za)
Received: from grimreaper.grondar.za (localhost [127.0.0.1])
	by grimreaper.grondar.za (8.9.3/8.9.3) with ESMTP id JAA92112;
	Sun, 23 Jul 2000 09:33:35 +0200 (SAST)
	(envelope-from mark@grimreaper.grondar.za)
Message-Id: <200007230733.JAA92112@grimreaper.grondar.za>
To: Kris Kennaway <kris@FreeBSD.org>
Cc: current@FreeBSD.org
Subject: Re: randomdev entropy gathering is really weak 
References: <Pine.BSF.4.21.0007221515150.26717-100000@freefall.freebsd.org> 
In-Reply-To: <Pine.BSF.4.21.0007221515150.26717-100000@freefall.freebsd.org> ; from Kris Kennaway <kris@FreeBSD.org>  "Sat, 22 Jul 2000 15:19:29 MST."
Date: Sun, 23 Jul 2000 09:33:34 +0200
From: Mark Murray <mark@grondar.za>
Sender: owner-freebsd-current@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

> The core of my complaint is that even though our old PRNG did crappy
> entropy handling, we used to have such a method, which is now gone. I'd
> like to see yarrow hang off /dev/urandom and have /dev/random tap directly
> into the entropy pool (perhaps a third pool separate from Yarrow's
> fast/slow) so I can generate my large keys safely.

By your own admission, the old system was bad; yet you still want
${it}? You'd like to see a programmer with less experience than
Schneier come up with a more secure algorithm than him?

M
--
Mark Murray
Join the anti-SPAM movement: http://www.cauce.org


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message