[Help-gnutls] Re: Previous bug in Debian regarding entropy Gnu-TLS, Exim

help-gnutls

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Help-gnutls] Re: Previous bug in Debian regarding entropy Gnu-TLS, Exim

From:	Simon Josefsson
Subject:	[Help-gnutls] Re: Previous bug in Debian regarding entropy Gnu-TLS, Exim-4.60, 2.4 kernel
Date:	Thu, 06 Jul 2006 16:42:30 +0200
User-agent:	Gnus/5.110006 (No Gnus v0.6) Emacs/22.0.50 (gnu/linux)

Jeremiah Foster <address@hidden> writes:

> I think there is a cron shell script fix provided on the debian exim web
> site

It should probably be packaged, it seems to be the proper solution.

Also, exim probably shouldn't use the file if it is stale, i.e. if it
is too old.  The parameters should be rebuilt once a day or so.

> and I have heard that /dev/urandom is somewhat more secure on
> linux than /dev/random, but that the security and efficiency issues
> are as you say, that is problematic.

/dev/random blocks when no more entropy is available, /dev/urandom
doesn't block.  The data is the same if the entropy pool is not empty,
if the entropy pool is empty, the /dev/urandom data will be less good.
However, it seems both devices aren't state-of-the-art (P)RNG's, so
the output shouldn't be trusted too much; libgcrypt does additional
mixing, which is sadly probably necessary.

/Simon

[Prev in Thread]

Current Thread

[Next in Thread]

[Help-gnutls] Previous bug in Debian regarding entropy Gnu-TLS, Exim-4.60, 2.4 kernel, Jeremiah Foster, 2006/07/06
- [Help-gnutls] Re: Previous bug in Debian regarding entropy Gnu-TLS, Exim-4.60, 2.4 kernel, Simon Josefsson, 2006/07/06
  - Re: [Help-gnutls] Re: Previous bug in Debian regarding entropy Gnu-TLS, Exim-4.60, 2.4 kernel, Nikos Mavrogiannopoulos, 2006/07/06
    - [Help-gnutls] Re: Previous bug in Debian regarding entropy Gnu-TLS, Exim-4.60, 2.4 kernel, Simon Josefsson, 2006/07/06
    - Re: [Help-gnutls] Re: Previous bug in Debian regarding entropy Gnu-TLS, Exim-4.60, 2.4 kernel, Florian Weimer, 2006/07/06
  - [Help-gnutls] Re: Previous bug in Debian regarding entropy Gnu-TLS, Exim-4.60, 2.4 kernel, Jeremiah Foster, 2006/07/06
    - Re: [Help-gnutls] Re: Previous bug in Debian regarding entropy Gnu-TLS, Exim-4.60, 2.4 kernel, Nikos Mavrogiannopoulos, 2006/07/06
    - [Help-gnutls] Re: Previous bug in Debian regarding entropy Gnu-TLS, Exim-4.60, 2.4 kernel, Simon Josefsson <=
    - Re: [Help-gnutls] Re: Previous bug in Debian regarding entropy Gnu-TLS, Exim-4.60, 2.4 kernel, Nikos Mavrogiannopoulos, 2006/07/06
    - Re: [Help-gnutls] Re: Previous bug in Debian regarding entropy Gnu-TLS, Exim-4.60, 2.4 kernel, Florian Weimer, 2006/07/07
    - Re: [Help-gnutls] Re: Previous bug in Debian regarding entropy Gnu-TLS, Exim-4.60, 2.4 kernel, Nikos Mavrogiannopoulos, 2006/07/08
    - Re: [Help-gnutls] Re: Previous bug in Debian regarding entropy Gnu-TLS, Exim-4.60, 2.4 kernel, Florian Weimer, 2006/07/12

Prev by Date: Re: [Help-gnutls] Re: Previous bug in Debian regarding entropy Gnu-TLS, Exim-4.60, 2.4 kernel
Next by Date: Re: [Help-gnutls] Re: Previous bug in Debian regarding entropy Gnu-TLS, Exim-4.60, 2.4 kernel
Previous by thread: Re: [Help-gnutls] Re: Previous bug in Debian regarding entropy Gnu-TLS, Exim-4.60, 2.4 kernel
Next by thread: Re: [Help-gnutls] Re: Previous bug in Debian regarding entropy Gnu-TLS, Exim-4.60, 2.4 kernel
Index(es):
- Date
- Thread