The critical values for the statistical tests are set so that
p=.0001, so there should be one false positive (the null hypothesis
being that the data _are_ random) in 10,000 rekeyings. In that case
the right thing to do is simply to rekey -- though for a hardware
generator that fails the
Matthew Mondor mm_li...@pulsar-zone.net wrote:
Yet ideally for performance and security, it'd be ideal if the
interface only presented integer IDs for the class, and reserved
integer key attributes for the i.e. EXTATTR_SYSTEM class (just like our
groups are really gids). The Linux
Matthew Mondor mm_li...@pulsar-zone.net wrote:
Strings are used instead of IDs to distinguish the class of an extended
attribute, i.e. system etc. My question is then: must those be
limited to ASCII or can they support arbitrary bytes, or UTF-8?
For now it is just a C string. It seems we
On Sat, Oct 22, 2011 at 04:35:42PM +, Christos Zoulas wrote:
1) + memset(r, 0, sizeof(r)); needs (*r)
Indeed.
2) The code around the above memset has whitespace issues.
There are a lot of KNF issues in general. I'll fix these in a final
pass before I check anything in, and send
On Sat, Oct 22, 2011 at 02:05:52AM -0400, Mouse wrote:
Conservative, but not necessarily conrrect. Some systems stay up a
long time, and if working hardware RNG get auto-detached whenever a
1-in-1 test trips, long-lived systems _will_ lose their RNGs. I
think this is suboptimal.
Two