From owner-freebsd-security Mon Jul 24 12:58:34 2000 Delivered-To: freebsd-security@freebsd.org Received: from exchange.lightrealm.com (exchange.lightrealm.com [216.122.95.4]) by hub.freebsd.org (Postfix) with ESMTP id 59BA237BEB8; Mon, 24 Jul 2000 12:58:18 -0700 (PDT) (envelope-from rcarskadden@lightrealm.com) Received: by EXCHANGE with Internet Mail Service (5.5.2650.21) id ; Mon, 24 Jul 2000 12:18:40 -0700 Message-ID: From: Rush Carskadden To: 'Kris Kennaway' Cc: security@FreeBSD.ORG Subject: RE: randomdev entropy gathering is really weak Date: Mon, 24 Jul 2000 12:18:39 -0700 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org I was referring to the portion that said: > If you can't reach a NTP server, you are not connected to the internet. In > that case you don't need to worry so much about security... I was not disagreeing with Wollman, I was assisting him in pointing out Neland's oversight. ok, Rush Carskadden -----Original Message----- From: Kris Kennaway [mailto:kris@FreeBSD.ORG] Sent: Friday, July 21, 2000 7:14 PM To: Rush Carskadden Cc: 'Garrett Wollman'; Leif Neland; security@FreeBSD.ORG Subject: RE: randomdev entropy gathering is really weak On Fri, 21 Jul 2000, Rush Carskadden wrote: > It is somewhat troubling to me to think that you may assume the only > time you need security is when you are connected to the Internet. Picture a That's not what he said: > Unless, of course, the reason your machine is not connected to the > Internet is in order that it be able to provide some critical security > functionality. i.e. the machine is not connected to the net because it is critical to security. Kris -- In God we Trust -- all others must submit an X.509 certificate. -- Charles Forsythe To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message