Date: Sun, 25 Jun 2000 10:03:34 -0500 From: "Jacques A . Vidrine" <n@nectar.com> To: Mark Murray <mark@grondar.za> Cc: freebsd-current@freebsd.org, imp@freebsd.org Subject: Re: HEADS UP! New (incomplete) /dev/random device! Message-ID: <20000625100334.C16657@bone.nectar.com> In-Reply-To: <200006251035.MAA16350@grimreaper.grondar.za>; from mark@grondar.za on Sun, Jun 25, 2000 at 12:35:12PM %2B0200 References: <200006251035.MAA16350@grimreaper.grondar.za>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Jun 25, 2000 at 12:35:12PM +0200, Mark Murray wrote: > 1) It is not yet cryptographically secure, so those of you using > CURRENT for "live" projects, please be careful! I guess it follows that it is not a good idea to generate keys or certificates on -CURRENT for a while (until entropy comes back to town)? I don't know which applications depend on /dev/random providing entropy and which gather their own. If so, I think this needs an UPDATING entry, particularly since the symptoms could outlive the cause. i.e. something to the effect of ``Keys and certificates generated on -CURRENT on or after m/d/y should not be used'' and updated again when the entropy is again available. -- Jacques Vidrine / n@nectar.com / nectar@FreeBSD.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000625100334.C16657>