[Cryptography] randomness +- entropy

[Bill Stewart]

At 12:23 AM 11/12/2013, James A. Donald wrote:
>On 2013-11-12 16:44, John Denker wrote:
>>The fact is, there are some applications that cannot make do with
>>low-quality randomness *and* cannot afford to wait.
>
>I don't think so.

Most applications can wait.  Some of them could wait, but currently don't.
But what applications are there that really do need to run early?

The one potential example I can think of is hard drive encryption -
it definitely needs good (pseudo)randomness,
and needs to start pretty early in the boot process
so other applications can have a file system to write to,
and I'd prefer not to have a system that starts out
writing unencrypted/badlyencrypted data and then updates it,
though I suppose you don't typically have any user data that early.
(BTW, does an encrypted disk drive provide any useful seed material 
for future boots?)

Are there any network processes that need crypto before running?
Applications like sshd and https obviously do, so you need 
/dev/*random running before you can use them for system 
administration, but they probably don't need to be ready early.