From owner-freebsd-java@FreeBSD.ORG  Thu Oct  2 04:10:35 2003
Return-Path: <owner-freebsd-java@FreeBSD.ORG>
Delivered-To: freebsd-java@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 7B29516A4B3
	for <freebsd-java@freebsd.org>; Thu,  2 Oct 2003 04:10:35 -0700 (PDT)
Received: from smtp.infracaninophile.co.uk (smtp.infracaninophile.co.uk
	[81.2.69.218])	by mx1.FreeBSD.org (Postfix) with ESMTP id 8A8DD43FD7
	for <freebsd-java@freebsd.org>; Thu,  2 Oct 2003 04:10:32 -0700 (PDT)
	(envelope-from m.seaman@infracaninophile.co.uk)
Received: from happy-idiot-talk.infracaninophile.co.uk (localhost [127.0.0.1])
	h92BABBB013916
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO);
	Thu, 2 Oct 2003 12:10:24 +0100 (BST)
	(envelope-from matthew@happy-idiot-talk.infracaninophile.co.uk)
Received: (from matthew@localhost)id h92BABG4013915;
	Thu, 2 Oct 2003 12:10:11 +0100 (BST)	(envelope-from matthew)
Date: Thu, 2 Oct 2003 12:10:11 +0100
From: Matthew Seaman <matthew@cryptosphere.com>
To: Panagiotis Astithas <past@noc.ntua.gr>
Message-ID: <20031002111011.GC13305@happy-idiot-talk.infracaninophile.co.uk>
Mail-Followup-To: Panagiotis Astithas <past@noc.ntua.gr>,
	James Adams <seventyforty@hotmail.com>, freebsd-java@freebsd.org
References: <Law14-F63x4FR0rmTIV00003acd@hotmail.com>
	<3F7C0299.1000001@noc.ntua.gr>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
	protocol="application/pgp-signature"; boundary="B4IIlcmfBL/1gGOG"
Content-Disposition: inline
In-Reply-To: <3F7C0299.1000001@noc.ntua.gr>
User-Agent: Mutt/1.5.4i
X-Spam-Status: No, hits=-4.8 required=5.0 tests=AWL,BAYES_00 autolearn=ham 
	version=2.60
X-Spam-Checker-Version: SpamAssassin 2.60 (1.212-2003-09-23-exp) on 
	happy-idiot-talk.infracaninophile.co.uk
cc: freebsd-java@freebsd.org
cc: James Adams <seventyforty@hotmail.com>
Subject: Re: SSL on Java 1.4.1 native port
X-BeenThere: freebsd-java@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Porting Java to FreeBSD <freebsd-java.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-java>,
	<mailto:freebsd-java-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-java>
List-Post: <mailto:freebsd-java@freebsd.org>
List-Help: <mailto:freebsd-java-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-java>,
	<mailto:freebsd-java-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 02 Oct 2003 11:10:35 -0000


--B4IIlcmfBL/1gGOG
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Thu, Oct 02, 2003 at 01:48:57PM +0300, Panagiotis Astithas wrote:

> I' ve had similar symptoms using SSL+Tomcat and I overcame them using=20
> rndcontrol to put some more interrupts (ethernet & clock, IIRC) to seed=
=20
> the PRNG.

Using the clock interrupt won't introduce any randomness into the
PRNG... The randomness that is derived from interrupts comes out of
the unpredictability of the time gap between them.  That obviously
doesn't apply to the clock interrupt.

	Cheers,

	Matthew

--=20
Dr Matthew J Seaman MA, D.Phil.                       26 The Paddocks
                                                      Savill Way
PGP: http://www.infracaninophile.co.uk/pgpkey         Marlow
Tel: +44 1628 476614                                  Bucks., SL7 1TH UK

--B4IIlcmfBL/1gGOG
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (FreeBSD)

iD8DBQE/fAeTdtESqEQa7a0RAqQGAKCTK+pcy1WsbOYaD3cWXnvOJOUhzACfRndB
XZ582XYFuAPWX/M/QfouL3s=
=DMU0
-----END PGP SIGNATURE-----

--B4IIlcmfBL/1gGOG--