> On Jun 22, 2016, at 10:15 PM, Guido van Rossum <gu...@python.org> wrote:
>
> Before I can possibly start thinking about what to do when the system's
> CSPRNG is initialized, I need to understand more about how it works.
> Apparently there's a possible transition from the "not ready yet" ("bad")
> state to "ready" ("good"), and all it takes is usually waiting for a second
> or two. But is this a wait that only gets incurred once, somewhere early
> after a boot, or is this something that can happen at any time?
Once, only after boot. On most (all?) modern Linux systems there’s even part of
the boot process that attempts to seed the CSPRNG using random values stored
during a previous boot to shorten the time window between when it’s ready and
when it’s not yet initialized. However, once it is initialized it will never
block (or EAGAIN) again.
—
Donald Stufft
_______________________________________________
Security-SIG mailing list
Security-SIG@python.org
https://mail.python.org/mailman/listinfo/security-sig
