In message <CABUciR=m+b45ddzyv2j8z9+ltvuy4rwh+kp3e8njyahdpy-...@mail.gmail.com> , Alexander Gurvitz writes: > Hello all. > > What random device used for ? > ARM says "Entropy is primarily needed for DNSSEC=A0operations, > such as ... dynamic update of signed zones". I don't get why signing a zone > requires any randomness.
It doesn't for RSA. However DSA does require randomness. > This bothers me as I'm implementing DNSSEC now, and I know that my systems > are low at entropy, and BIND default random-device is /dev/random, > and it (the device) blocks when there's no entropy available. > > Does BIND really needs that entropy, and how much ? Yes, if you are using DSA. > Regards, > Alexander Gurvitz, > net-me.net > _______________________________________________ > Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscri= > be from this list > > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
