Poul-Henning Kamp  <[EMAIL PROTECTED]> wrote:
> In message <[EMAIL PROTECTED]>, Kri
> s Kennaway writes:
> >On Sun, 23 Jul 2000, Poul-Henning Kamp wrote:
> >
> >> Obviously, if you need more randomness than a stock FreeBSD system
> >> can provide you with, you add hardware to give you more randomness.
> >
> >This won't help if it's fed through Yarrow.
> Nobody has said anything about forcing you to use Yarrow, have they ?

If FreeBSD delivers with it, it will get used.
I think Kris has a valid concern. If I assume that I will get good
randomness from /dev/random, and I don't, there is potential danger.

Assume I want to encrypt a message by XOR'ing with randomness.

If I then exchange my keys securely, the message is uncrackable.

With the current approach it has a 256bits key. This is, in my eyes, not
good. Although yarrow is nice, It's suited for any kind of key

> I have not seen any new information in the last N emails from you.

This is because his concerns aren't addressed yet.

Das Usenet ist so ein wunderbares, aber zerbrechliches Medium und so viele
treten es so in den Dreck und machen es unbenutzbar - sei es durch Absicht
oder Gedankenlosigkeit, was vom Ergebnis das gleiche ist.  -- Bettina Fink

To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message

Reply via email to