On Tue, 5 Mar 2002, Mark Murray wrote:
> > We did make some enhancements that serve our needs, but may not be
> > best for everyone. We actually need entropy in quantity since we could be
> > doing a lot of crypto operations back to back and it can easily become our
> > worst bottleneck.
>
> Have you looked at the "Yarrow" algorithm?
Yes. I actually grilled you a bit about this at BSDCon 2000. :-)
AFAIK, it will never be back ported to 4-STABLE. Is there an option that's
appeared for FreeBSD besides this in the last 18 months?
> In CURRENT, I have implemented Yarrow to achieve just this purpose.
>
> > The drawback to our approach is that it can spend a lot of time in
> > the kernel. To tune this behavior we added a few sysctl's. The start/stop
> > script after the diff's tweaks a few of these settings after boot up.
>
> Again, look at current. The RNG is _really_ fast.
I know. I know. I wish we could use it. Unfortunately this is
for an appliance type application and I just don't feel comfortably
shipping -CURRENT as product. I'm only just now making the effort to get
up to speed on -CURRENT so that we can be ready to use it later this year.
Adrian
--
[ [EMAIL PROTECTED] ]
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
