>>>>> "Ben" == Ben Hutchings <b...@decadent.org.uk> writes:
>> The additional entropy gathered is for extra safety; it is not
>> *depended* on for basic security assumptions.

Ben> [...]
Ben> It is, because the kernel is told to treat it as providing
Ben> a certain number of bits of entropy.

I see no problem crediting the secret stored across the reboot with the entropy in the pool at the time of shutdown.

I agree that the credits for the entropy of the additional information added may be too high. I'm skeptical that the actual entropy credits matter much once you have *enough*, but I agree that the /dev/random interface does depend on that, and the proposal as described may be violating that assumption.