[Cryptography] In search of random numbers

Bear bear at sonic.net
Fri Oct 24 14:02:51 EDT 2014


On Fri, 2014-10-24 at 06:46 +0200, Stephan Neuhaus wrote:
> On 2014-10-24 02:09, Tom Mitchell wrote:
> > What "early" needs are there for entropy?
> 
> Most SSH keys are generated on first-time boot.

This is dumb.  

This is bad design.

We don't need to be providing early boot-time entropy; 
we need to be educating people that any design which 
requires early boot-time entropy is a mistake. 

Bear



More information about the cryptography mailing list