On Sun, Dec 1, 2013 at 12:27 PM, <[email protected]> wrote: > ... > I would not characterize the Linux RNG issue as "fully resolved" in any > way. Until every CPU maker includes a source of entropy by design (instead > of by accident).
for my own uses, and what i feel reasonable requirements, i would agree that Linux is not usable without a hardware entropy source. userspace entropy collectors without hardware entropy are useful and complementary but not alone sufficient. the lack of pervasive hardware entropy sources is the most frustrating aspect, and the slowest to make progress. i like Marsh Ray's earlier descriptive story[0] of the current paralysis in this sense, even if a cop out and inexcusable when employed by vendors and chip designers. the work that you have done to make hardware entropy sources readily available in Intel chips should be commended, and i certainly appreciate it. i will however continue to complain until it is even better, with configurable access to the raw entropy samples for those who wish to evaluate or run the TRNG in this mode. best regards, 0. "[cryptography] Duplicate primes in lots of RSA moduli" - Marsh Ray Wed Feb 22 16:55:39 EST 2012 http://lists.randombit.net/pipermail/cryptography/2012-February/002438.html """ I'm putting myself in the position of an engineer who's designing the logic and writing some low-level firmware for the next consumer grade $50 blue box home router/wifi/firewall appliance:... """ _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
