From: John-Mark Gurney
To: Tim Kientzle
Cc: Dag-Erling Smørgrav, secteam@freebsd.org, Mark R V Murray, FreeBSD-arch Arch
Subject: Re: random(4) plugin infrastructure for mulitple RNG in a modular fashion
Date: Fri, 23 Aug 2013 16:18:08 -0700
List-Id: Discussion related to FreeBSD architecture

Tim Kientzle wrote this message on Sun, Aug 18, 2013 at 12:27 -0700:
> But clearly some people really want to be able to
> force /dev/random to be the unconditioned output
> of a particular HW RNG. I don't know if this is a
> good idea or not, but clearly there are people who
> want this.

Considering that the Ivy Bridge's rdrand implementation already uses AES
to condition the raw entropy source, using Yarrow/etc to additionally
condition it seems excessive, hence why some people want to use it
directly...

-- 
John-Mark Gurney                Voice: +1 415 225 5579

"All that I will do, has been done, All that I have, has not."