svn commit: r239569 - head/etc/rc.d
RW
rwmaillists at googlemail.com
Tue Sep 11 21:27:35 UTC 2012
On Tue, 11 Sep 2012 13:54:41 -0700
Xin Li wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
> On 09/11/12 12:53, RW wrote:
> > On Tue, 11 Sep 2012 13:28:51 +0200 Dag-Erling Smørgrav wrote:
> >
> >> Doug Barton <dougb at FreeBSD.org> writes:
> >>> 1. Pseudo-randomize the order in which we utilize the files in
> >>> /var/db/entropy
> >>
> >> There's no need for randomization if we make sure that *all* the
> >> data written to /dev/random is used, rather than just the first
> >> 4096 bytes; or that we reduce the amount of data to 4096 bytes
> >> before we write it so none of it is discarded. My gut feeling is
> >> that compression is better than hashing for that purpose,
> >
> > It's analogous to a passphrase, have you ever heard of a passphrase
> > being compressed rather than hashed?
>
> Passphrase hashing is a completely different topic, as what we wanted
> is a one-way function that can not be easily reversed, even when part
> of the passphrase is known.
I was refering to the conversion of a passphrase to key material
More information about the freebsd-security
mailing list