From owner-freebsd-hackers  Sun Dec 29  0:50: 3 2002
Delivered-To: freebsd-hackers@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id D29C537B401
	for <freebsd-hackers@freebsd.org>; Sun, 29 Dec 2002 00:50:02 -0800 (PST)
Received: from puffin.mail.pas.earthlink.net (puffin.mail.pas.earthlink.net [207.217.120.139])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 507EB43EC2
	for <freebsd-hackers@freebsd.org>; Sun, 29 Dec 2002 00:49:52 -0800 (PST)
	(envelope-from tlambert2@mindspring.com)
Received: from pool0164.cvx21-bradley.dialup.earthlink.net ([209.179.192.164] helo=mindspring.com)
	by puffin.mail.pas.earthlink.net with asmtp (SSLv3:RC4-MD5:128)
	(Exim 3.33 #1)
	id 18SZ8c-0000xS-00; Sun, 29 Dec 2002 00:49:38 -0800
Message-ID: <3E0EB6CF.6D1BFAD6@mindspring.com>
Date: Sun, 29 Dec 2002 00:48:15 -0800
From: Terry Lambert <tlambert2@mindspring.com>
X-Mailer: Mozilla 4.79 [en] (Win98; U)
X-Accept-Language: en
MIME-Version: 1.0
To: kientzle@acm.org
Cc: freebsd-hackers@FreeBSD.ORG
Subject: Re: Can dhclient rely on /dev/random?
References: <3E0E02F3.6030205@acm.org>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
X-ELNK-Trace: b1a02af9316fbb217a47c185c03b154d40683398e744b8a4f5e67a32691c30a23b734f0eb3213fd8350badd9bab72f9c350badd9bab72f9c350badd9bab72f9c
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-hackers.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-hackers>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-hackers>
X-Loop: FreeBSD.ORG

Tim Kientzle wrote:
> The obvious fix would alter dhclient to rely only
> on /dev/random for entropy.  (It seems this code is
> common to bind as well.)

The "obvious fix", I think, is to just use the boot time as
the start for the exponential backoff.  The only place this
might be a problem is in a big installation where a lot of
machines come on at the same time.  That's probably going to
melt your building's wiring, anyway.  8-).


> Technical Question: is /dev/random sufficient
> for the cryptographic requirements of programs
> like dhclient, bind, etc?

Uh, what "cryptographic requirements" of dhclient?


-- Terry

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message