On Thu, Mar 31, 2005 at 09:57:12PM +0900, Andre Caldas wrote:
> >entropy gathering is the hardest part, but _any_ /dev/random would be
> >better than nothing... right? well except for the false sense of
> >security issue but once there is something, it can be improved... If
> >this hasn't been done yet, I'll definitely be down to work on it.
> 
> It seems that you already understand the issue. But don't expect 
> everybody to agree with your "better than nothing"... (maybe you just 
> started a war).

Well, I think there are two separate issues.  For Debian GNU/Hurd (or
any other distribution) "better than nothing" is good enough for the
time being.  Actually, I have packaged egd (gnupg's entropy gathering
daemon) over Easter, it's at
http://people.debian.org/~mbanck/hurd/egd_0.9-1_all.deb

You need to tweak gnupg and openssh at build time in order to use it,
though, I believe, but I'm interested in any success with that (I haven't
really tested the package).  We should still make it clear that this is
not appropriate security of course, but it's better than everybody
copying /bin/bash to /dev/random.

The other issue is upstream.  I think it is clear that no half-assed
solution will be accepted there, so if anybody wants to work on the
entropy translator to rule them all, they should get advice from the
upstream hackers (most notably marcus, probably).


Michael


_______________________________________________
Bug-hurd mailing list
Bug-hurd@gnu.org
http://lists.gnu.org/mailman/listinfo/bug-hurd
