cvs commit: src/sys/modules/random Makefile src/sys/dev/random
harvest.c hash.c hash.h nehemiah.c nehemiah.h probe.c randomdev.c
randomdev.h randomdev_soft.c randomdev_soft.h yar
rwatson at FreeBSD.org
Sat Apr 10 10:52:04 PDT 2004
On Sat, 10 Apr 2004, Mark Murray wrote:
> Colin Percival writes:
> > Is there any reason we can't just have an rc.conf variable
> > entropy_trust_the_spooks = "YES"
> > which allows users to choose between optimal performance and
> > possible problems if the entropy source isn't as good as the
> > vendor claims?
> Sure, that is possible, but I have an aversion to building something
> that is too complicated, because sooner-or-later someone is going to
> stumble over a previously unthought-of combination and create an
> embarrassing incident. I'd rather keep it simple.
Sounds like what you need RandomGraph so you can arbitrarily plug and play
processing on sources of entropy :-).
Robert N M Watson FreeBSD Core Team, TrustedBSD Projects
robert at fledge.watson.org Senior Research Scientist, McAfee Research
More information about the cvs-src