Dan McDonald wrote: > On Thu, Jan 14, 2010 at 09:07:43AM -0700, mark powers wrote: > >> Darren J Moffat wrote: >> >>> Dan McDonald wrote: >>> >>>> Let's say I have an app that uses /dev/random and can possibly >>>> contribute >>>> data to the pool. >>>> > > <SNIP!> > > >>> You can write as much as you like to /dev/random providing you have >>> permission to write to the device. We take what you give us with a >>> "grain of salt" and only use as much of it as we can deal with. >>> >> Darren is correct when he says "grain of salt". The effect of seeding is >> very small. Applications really don't need to seed the opensolaris >> /dev/random in order to get high quality numbers. Of course this might not >> be the case for other implementations of /dev/random on other operating >> systems. >> > > Would it be useful for an app to contribute back to the pool from which it > takes? It sounds like the answer is, "no." >
Correct - the answer is no. Silently throwing away bytes written to /dev/random was even considered at one time. > Dan > _______________________________________________ > crypto-discuss mailing list > crypto-discuss at opensolaris.org > http://mail.opensolaris.org/mailman/listinfo/crypto-discuss >
