On 09/11/2010 11:33 AM, Henrique de Moraes Holschuh wrote: > BTW, don't just cat the date into /dev/random. Cat the entire contents of > the kernel log buffer as well.
Can you explain why you think that would be worthwhile? There was 100% consensus on the cryptography list that using the date/time was a good idea. Using the entire kernel log was not discussed, and I guarantee you that it would not receive consensus. I for one would object that it is not useful, let alone necessary. The cryptographic purpose would be fully accomplished by a humble counter, so long as each time it was used it differed by even _one bit_ from all previous values. For present purposes, the clock serves as a counter, with the advantage that it is present on almost all platforms. The clock-time is guaranteed to be different on each reboot. The log is not guaranteed to be different, except insofar as it includes timestamps that depend on the clock. > HOWEVER one should contact the porters for the arches with other kernels and > get the relevant data from them, nobody around here claimed any knowledge of > how /dev/random in FreeBSD (or The Hurd for that matter) behaves. Heck, I > don't even KNOW if the initscript runs there or not... :( That is IMHO a good enough reason to not bother. Since it is not worth doing at all, it is not worth bothering the architecture folks about it. _______________________________________________ Pkg-sysvinit-devel mailing list [email protected] http://lists.alioth.debian.org/mailman/listinfo/pkg-sysvinit-devel
