mdedetrich commented on code in PR #385:
URL: https://github.com/apache/incubator-pekko/pull/385#discussion_r1228053082
##########
actor/src/main/resources/reference.conf:
##########
@@ -1144,6 +1144,12 @@ pekko {
# Defaults to a system dependent lookup (on Unix like OSes, will
attempt to parse /etc/resolv.conf, on
# other platforms, will default to 1).
ndots = default
+
+ # The policy used to generate dns transaction ids. Options are
sequence, thread-local-random or secure-random.
+ # Defaults to thread-local-random similar to Netty, secure-random
produces FIPS compliant random numbers but
+ # could block looking for entropy (these are short integers so are
easy to bruit-force), sequence is the old
+ # behavior.
+ id-generator-policy = thread-local-random
Review Comment:
So I just spoke with @Claudenw and his solution at
https://github.com/Claudenw/IdSupplier/blob/main/src/org/example/ShortSupplier.java
should do a better job at avoiding so many collision's due to 32k numbers, in
other words it actually goes out if its way to minimize the amount of
collisions generated by using enhanced double hashing + 2 buffers to also
handle roll over
> IMO the only reason to enable SecureRandom would be if you require it for
FIPS.
We have a person in our company that specializes in security who's on IETF
and his recommendation was to use `SecureRandom` as a seed + a PRF such as
SHA-256/HMAC. His view is that `SecureRandom` on every is excessive, however
non crypto secure hashes is way too easy.
The common/trivial way to solve this issue appears to be using
`SecureRandom` every time and check for collisions against in flight
transactions, thats what systemd-resolved does for example.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
