From owner-freebsd-current Sun Jun 25 8: 3:47 2000 Delivered-To: freebsd-current@freebsd.org Received: from gw.nectar.com (gw.nectar.com [209.98.143.44]) by hub.freebsd.org (Postfix) with ESMTP id C648537B5B4; Sun, 25 Jun 2000 08:03:44 -0700 (PDT) (envelope-from nectar@nectar.com) Received: from bone.nectar.com (bone.nectar.com [10.0.1.105]) by gw.nectar.com (Postfix) with ESMTP id ED6FF9B2D; Sun, 25 Jun 2000 10:03:43 -0500 (CDT) Received: by bone.nectar.com (Postfix, from userid 1001) id CA83D1DC6; Sun, 25 Jun 2000 10:03:34 -0500 (CDT) Date: Sun, 25 Jun 2000 10:03:34 -0500 From: "Jacques A . Vidrine" To: Mark Murray Cc: freebsd-current@freebsd.org, imp@freebsd.org Subject: Re: HEADS UP! New (incomplete) /dev/random device! Message-ID: <20000625100334.C16657@bone.nectar.com> Mail-Followup-To: "Jacques A . Vidrine" , Mark Murray , freebsd-current@freebsd.org, imp@freebsd.org References: <200006251035.MAA16350@grimreaper.grondar.za> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2i In-Reply-To: <200006251035.MAA16350@grimreaper.grondar.za>; from mark@grondar.za on Sun, Jun 25, 2000 at 12:35:12PM +0200 X-Url: http://www.nectar.com/ Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Sun, Jun 25, 2000 at 12:35:12PM +0200, Mark Murray wrote: > 1) It is not yet cryptographically secure, so those of you using > CURRENT for "live" projects, please be careful! I guess it follows that it is not a good idea to generate keys or certificates on -CURRENT for a while (until entropy comes back to town)? I don't know which applications depend on /dev/random providing entropy and which gather their own. If so, I think this needs an UPDATING entry, particularly since the symptoms could outlive the cause. i.e. something to the effect of ``Keys and certificates generated on -CURRENT on or after m/d/y should not be used'' and updated again when the entropy is again available. -- Jacques Vidrine / n@nectar.com / nectar@FreeBSD.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message