[Cryptography] TRNG related review: rngd and /dev/random
Thierry Moreau
thierry.moreau at connotech.com
Wed Jan 20 11:30:32 EST 2016
On 20/01/16 01:37 AM, Bill Cox wrote:
>
> These problems are fixable. Health monitors with good entropy
> estimators should be required for each entropy source.
Those who maintain the Linux kernel are not in a position to *require*
either health monitors or good entropy estimators. The inclusion of an
entropy source in a system is a decision that may be made even after the
Linux distribution packaging.
> The result is that zero [entropy] was from the OneRNG!
Maybe you failed to fulfill the Linux distribution requirement for both
health monitor and entropy estimator (pun intended). You may be
confident in the OneRNG but how the Linux distribution specialists might
be convinced?
I guess the process of trusted secret random source provisioning may not
be delegated to O/S team.
- Thierry
More information about the cryptography
mailing list