From owner-cvs-src@FreeBSD.ORG  Sat Apr 10 02:00:21 2004
Return-Path: <owner-cvs-src@FreeBSD.ORG>
Delivered-To: cvs-src@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP
	id B076316A4CE; Sat, 10 Apr 2004 02:00:21 -0700 (PDT)
Received: from storm.FreeBSD.org.uk (storm.FreeBSD.org.uk [194.242.157.42])
	by mx1.FreeBSD.org (Postfix) with ESMTP
	id 31D9C43D3F; Sat, 10 Apr 2004 02:00:21 -0700 (PDT)
	(envelope-from mark@grondar.org)
Received: from storm.FreeBSD.org.uk (Ugrondar@localhost [127.0.0.1])
	i3A90KWc053219;	Sat, 10 Apr 2004 10:00:20 +0100 (BST)
	(envelope-from mark@grondar.org)
Received: (from Ugrondar@localhost)i3A90KCk053218;
	Sat, 10 Apr 2004 10:00:20 +0100 (BST)
	(envelope-from mark@grondar.org)
X-Authentication-Warning: storm.FreeBSD.org.uk: Ugrondar set sender to
	mark@grondar.org using -f
Received: from grondar.org (localhost [127.0.0.1])i3A8xj0w066454;
	Sat, 10 Apr 2004 09:59:45 +0100 (BST)
	(envelope-from mark@grondar.org)
From: Mark Murray <mark@grondar.org>
Message-Id: <200404100859.i3A8xj0w066454@grimreaper.grondar.org>
To: Colin Percival <colin.percival@wadham.ox.ac.uk>
In-Reply-To: Your message of "Sat, 10 Apr 2004 09:39:58 BST."
             <6.0.1.1.1.20040410093354.07d96008@imap.sfu.ca> 
Date: Sat, 10 Apr 2004 09:59:45 +0100
Sender: mark@grondar.org
X-Spam-Score: 4 (****) FROM_NO_LOWER,MSGID_FROM_MTA_SHORT
X-Scanned-By: MIMEDefang 2.39
cc: cvs-src@FreeBSD.org
cc: src-committers@FreeBSD.org
cc: cvs-all@FreeBSD.org
Subject: Re: cvs commit: src/sys/modules/random Makefile src/sys/dev/random
	harvest.c hash.c hash.h nehemiah.c nehemiah.h probe.c randomdev.c
	randomdev.h randomdev_soft.c randomdev_soft.h yar 
X-BeenThere: cvs-src@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: CVS commit messages for the src tree <cvs-src.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-src>,
	<mailto:cvs-src-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/cvs-src>
List-Post: <mailto:cvs-src@freebsd.org>
List-Help: <mailto:cvs-src-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-src>,
	<mailto:cvs-src-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 10 Apr 2004 09:00:21 -0000

Colin Percival writes:
>   Is there any reason we can't just have an rc.conf variable
> entropy_trust_the_spooks = "YES"
> which allows users to choose between optimal performance and
> possible problems if the entropy source isn't as good as the
> vendor claims?

Sure, that is possible, but I have an aversion to building something
that is too complicated, because sooner-or-later someone is going
to stumble over a previously unthought-of combination and create
an embarrassing incident.

I'd rather keep it simple.

M
--
Mark Murray
iumop ap!sdn w,I idlaH