How much does this "unrandomness" matter?
How often are keys generated? If only once per program, then does it really
matter if the keys are generated randomly or from my mothers maiden name?
Leif
----- Original Message -----
From: "Jacques A . Vidrine" <[EMAIL PROTECTED]>
To: "Kris Kennaway" <[EMAIL PROTECTED]>
Cc: "Mark Murray" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>;
<[EMAIL PROTECTED]>
Sent: Monday, June 26, 2000 3:25 PM
Subject: Re: HEADS UP! New (incomplete) /dev/random device!
> On Sun, Jun 25, 2000 at 12:55:47PM -0700, Kris Kennaway wrote:
> > > > I don't know which applications depend on /dev/random providing
entropy
> > > > and which gather their own.
> > SSH and SSL should not be used: PGP should be okay.
>
> FWIW, a quick look indicates:
>
> MIT Kerberos V gathers its own ``entropy'' when generating random
> keys
>
> Heimdal uses /dev/random
>
> This matters in particular for creating keys for servers. Session keys
> may or may not be a big deal, depending on the application.
> --
> Jacques Vidrine / [EMAIL PROTECTED] / [EMAIL PROTECTED]
>
>
> To Unsubscribe: send mail to [EMAIL PROTECTED]
> with "unsubscribe freebsd-current" in the body of the message
>
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message
