cvs commit: src/sys/modules/random Makefile src/sys/dev/random harvest.c hash.c hash.h nehemiah.c nehemiah.h probe.c randomdev.c randomdev.h randomdev_soft.c randomdev_soft.h yar

Mark Murray mark at
Sat Apr 10 02:00:21 PDT 2004

Colin Percival writes:
>   Is there any reason we can't just have an rc.conf variable
> entropy_trust_the_spooks = "YES"
> which allows users to choose between optimal performance and
> possible problems if the entropy source isn't as good as the
> vendor claims?

Sure, that is possible, but I have an aversion to building something
that is too complicated, because sooner-or-later someone is going
to stumble over a previously unthought-of combination and create
an embarrassing incident.

I'd rather keep it simple.

Mark Murray
iumop ap!sdn w,I idlaH

More information about the cvs-src mailing list