[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Help-gnutls] Re: Previous bug in Debian regarding entropy Gnu-TLS, Exim
From: |
Simon Josefsson |
Subject: |
[Help-gnutls] Re: Previous bug in Debian regarding entropy Gnu-TLS, Exim-4.60, 2.4 kernel |
Date: |
Thu, 06 Jul 2006 16:42:30 +0200 |
User-agent: |
Gnus/5.110006 (No Gnus v0.6) Emacs/22.0.50 (gnu/linux) |
Jeremiah Foster <address@hidden> writes:
> I think there is a cron shell script fix provided on the debian exim web
> site
It should probably be packaged, it seems to be the proper solution.
Also, exim probably shouldn't use the file if it is stale, i.e. if it
is too old. The parameters should be rebuilt once a day or so.
> and I have heard that /dev/urandom is somewhat more secure on
> linux than /dev/random, but that the security and efficiency issues
> are as you say, that is problematic.
/dev/random blocks when no more entropy is available, /dev/urandom
doesn't block. The data is the same if the entropy pool is not empty,
if the entropy pool is empty, the /dev/urandom data will be less good.
However, it seems both devices aren't state-of-the-art (P)RNG's, so
the output shouldn't be trusted too much; libgcrypt does additional
mixing, which is sadly probably necessary.
/Simon
- [Help-gnutls] Previous bug in Debian regarding entropy Gnu-TLS, Exim-4.60, 2.4 kernel, Jeremiah Foster, 2006/07/06
- [Help-gnutls] Re: Previous bug in Debian regarding entropy Gnu-TLS, Exim-4.60, 2.4 kernel, Simon Josefsson, 2006/07/06
- Re: [Help-gnutls] Re: Previous bug in Debian regarding entropy Gnu-TLS, Exim-4.60, 2.4 kernel, Nikos Mavrogiannopoulos, 2006/07/06
- [Help-gnutls] Re: Previous bug in Debian regarding entropy Gnu-TLS, Exim-4.60, 2.4 kernel, Jeremiah Foster, 2006/07/06
- Re: [Help-gnutls] Re: Previous bug in Debian regarding entropy Gnu-TLS, Exim-4.60, 2.4 kernel, Nikos Mavrogiannopoulos, 2006/07/06
- [Help-gnutls] Re: Previous bug in Debian regarding entropy Gnu-TLS, Exim-4.60, 2.4 kernel,
Simon Josefsson <=
- Re: [Help-gnutls] Re: Previous bug in Debian regarding entropy Gnu-TLS, Exim-4.60, 2.4 kernel, Nikos Mavrogiannopoulos, 2006/07/06
- Re: [Help-gnutls] Re: Previous bug in Debian regarding entropy Gnu-TLS, Exim-4.60, 2.4 kernel, Florian Weimer, 2006/07/07
- Re: [Help-gnutls] Re: Previous bug in Debian regarding entropy Gnu-TLS, Exim-4.60, 2.4 kernel, Nikos Mavrogiannopoulos, 2006/07/08
- Re: [Help-gnutls] Re: Previous bug in Debian regarding entropy Gnu-TLS, Exim-4.60, 2.4 kernel, Florian Weimer, 2006/07/12